wolf SSL
/
wolfSSL
Important changes to repositories hosted on mbed.com
Mbed hosted mercurial repositories are deprecated and are due to be permanently deleted in July 2026.
To keep a copy of this software download the repository Zip archive or clone locally using Mercurial.
It is also possible to export all your personal repositories from the account settings page.
Dependents: CyaSSL-Twitter-OAuth4Tw Example-client-tls-cert TwitterReader TweetTest ... more
Embed:
(wiki syntax)
Show/hide line numbers
ssl.h
Go to the documentation of this file.
00001 /* ssl.h 00002 * 00003 * Copyright (C) 2006-2020 wolfSSL Inc. 00004 * 00005 * This file is part of wolfSSL. 00006 * 00007 * wolfSSL is free software; you can redistribute it and/or modify 00008 * it under the terms of the GNU General Public License as published by 00009 * the Free Software Foundation; either version 2 of the License, or 00010 * (at your option) any later version. 00011 * 00012 * wolfSSL is distributed in the hope that it will be useful, 00013 * but WITHOUT ANY WARRANTY; without even the implied warranty of 00014 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 00015 * GNU General Public License for more details. 00016 * 00017 * You should have received a copy of the GNU General Public License 00018 * along with this program; if not, write to the Free Software 00019 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA 00020 */ 00021 /*! 00022 \file ../wolfssl/ssl.h 00023 \brief Header file containing key wolfSSL API 00024 */ 00025 00026 /* wolfSSL API */ 00027 00028 #ifndef WOLFSSL_SSL_H 00029 #define WOLFSSL_SSL_H 00030 00031 00032 /* for users not using preprocessor flags*/ 00033 #include <wolfssl/wolfcrypt/settings.h> 00034 #include <wolfssl/version.h> 00035 #include <wolfssl/wolfcrypt/logging.h > 00036 #include <wolfssl/wolfcrypt/asn_public.h > 00037 #include <wolfssl/wolfcrypt/types.h > 00038 00039 #ifdef HAVE_WOLF_EVENT 00040 #include <wolfssl/wolfcrypt/wolfevent.h> 00041 #endif 00042 00043 /* used internally by wolfSSL while OpenSSL types aren't */ 00044 #include <wolfssl/callbacks.h> 00045 00046 #ifdef WOLFSSL_PREFIX 00047 #include "prefix_ssl.h" 00048 #endif 00049 00050 #ifdef LIBWOLFSSL_VERSION_STRING 00051 #define WOLFSSL_VERSION LIBWOLFSSL_VERSION_STRING 00052 #endif 00053 00054 #ifdef _WIN32 00055 /* wincrypt.h clashes */ 00056 #undef OCSP_REQUEST 00057 #undef OCSP_RESPONSE 00058 #endif 00059 00060 #ifdef OPENSSL_COEXIST 00061 /* mode to allow wolfSSL and OpenSSL to exist together */ 00062 #ifdef TEST_OPENSSL_COEXIST 00063 /* 00064 ./configure --enable-opensslcoexist \ 00065 CFLAGS="-I/usr/local/opt/openssl/include -DTEST_OPENSSL_COEXIST" \ 00066 LDFLAGS="-L/usr/local/opt/openssl/lib -lcrypto" 00067 */ 00068 #include <openssl/ssl.h> 00069 #include <openssl/rand.h> 00070 #include <openssl/err.h> 00071 #include <openssl/ec.h> 00072 #include <openssl/hmac.h> 00073 #include <openssl/bn.h> 00074 #endif 00075 00076 /* make sure old names are disabled */ 00077 #ifndef NO_OLD_SSL_NAMES 00078 #define NO_OLD_SSL_NAMES 00079 #endif 00080 #ifndef NO_OLD_WC_NAMES 00081 #define NO_OLD_WC_NAMES 00082 #endif 00083 00084 #elif (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) 00085 #include <wolfssl/openssl/bn.h> 00086 #include <wolfssl/openssl/hmac.h> 00087 00088 /* We need the old SSL names */ 00089 #ifdef NO_OLD_SSL_NAMES 00090 #undef NO_OLD_SSL_NAMES 00091 #endif 00092 #ifdef NO_OLD_WC_NAMES 00093 #undef NO_OLD_WC_NAMES 00094 #endif 00095 #endif 00096 00097 #ifdef __cplusplus 00098 extern "C" { 00099 #endif 00100 00101 #ifndef WOLFSSL_WOLFSSL_TYPE_DEFINED 00102 #define WOLFSSL_WOLFSSL_TYPE_DEFINED 00103 typedef struct WOLFSSL WOLFSSL; 00104 #endif 00105 typedef struct WOLFSSL_SESSION WOLFSSL_SESSION; 00106 typedef struct WOLFSSL_METHOD WOLFSSL_METHOD; 00107 #ifndef WOLFSSL_WOLFSSL_CTX_TYPE_DEFINED 00108 #define WOLFSSL_WOLFSSL_CTX_TYPE_DEFINED 00109 typedef struct WOLFSSL_CTX WOLFSSL_CTX; 00110 #endif 00111 00112 typedef struct WOLFSSL_STACK WOLFSSL_STACK; 00113 typedef struct WOLFSSL_X509 WOLFSSL_X509; 00114 typedef struct WOLFSSL_X509_NAME WOLFSSL_X509_NAME; 00115 typedef struct WOLFSSL_X509_NAME_ENTRY WOLFSSL_X509_NAME_ENTRY; 00116 typedef struct WOLFSSL_X509_PUBKEY WOLFSSL_X509_PUBKEY; 00117 typedef struct WOLFSSL_X509_ALGOR WOLFSSL_X509_ALGOR; 00118 typedef struct WOLFSSL_X509_CHAIN WOLFSSL_X509_CHAIN; 00119 typedef struct WC_PKCS12 WOLFSSL_X509_PKCS12; 00120 typedef struct WOLFSSL_X509_INFO WOLFSSL_X509_INFO; 00121 00122 typedef struct WOLFSSL_CERT_MANAGER WOLFSSL_CERT_MANAGER; 00123 typedef struct WOLFSSL_SOCKADDR WOLFSSL_SOCKADDR; 00124 typedef struct WOLFSSL_CRL WOLFSSL_CRL; 00125 typedef struct WOLFSSL_X509_STORE_CTX WOLFSSL_X509_STORE_CTX; 00126 00127 typedef int (*WOLFSSL_X509_STORE_CTX_verify_cb)(int, WOLFSSL_X509_STORE_CTX *); 00128 00129 /* redeclare guard */ 00130 #define WOLFSSL_TYPES_DEFINED 00131 00132 #include <wolfssl/wolfio.h > 00133 00134 00135 #ifndef WOLFSSL_RSA_TYPE_DEFINED /* guard on redeclaration */ 00136 typedef struct WOLFSSL_RSA WOLFSSL_RSA; 00137 #define WOLFSSL_RSA_TYPE_DEFINED 00138 #endif 00139 00140 #ifndef WC_RNG_TYPE_DEFINED /* guard on redeclaration */ 00141 typedef struct WC_RNG WC_RNG; 00142 #define WC_RNG_TYPE_DEFINED 00143 #endif 00144 00145 #ifndef WOLFSSL_DSA_TYPE_DEFINED /* guard on redeclaration */ 00146 typedef struct WOLFSSL_DSA WOLFSSL_DSA; 00147 #define WOLFSSL_DSA_TYPE_DEFINED 00148 #endif 00149 00150 #ifndef WOLFSSL_EC_TYPE_DEFINED /* guard on redeclaration */ 00151 typedef struct WOLFSSL_EC_KEY WOLFSSL_EC_KEY; 00152 typedef struct WOLFSSL_EC_POINT WOLFSSL_EC_POINT; 00153 typedef struct WOLFSSL_EC_GROUP WOLFSSL_EC_GROUP; 00154 typedef struct WOLFSSL_EC_BUILTIN_CURVE WOLFSSL_EC_BUILTIN_CURVE; 00155 /* WOLFSSL_EC_METHOD is just an alias of WOLFSSL_EC_GROUP for now */ 00156 typedef struct WOLFSSL_EC_GROUP WOLFSSL_EC_METHOD; 00157 #define WOLFSSL_EC_TYPE_DEFINED 00158 #endif 00159 00160 #ifndef WOLFSSL_ECDSA_TYPE_DEFINED /* guard on redeclaration */ 00161 typedef struct WOLFSSL_ECDSA_SIG WOLFSSL_ECDSA_SIG; 00162 #define WOLFSSL_ECDSA_TYPE_DEFINED 00163 #endif 00164 00165 typedef struct WOLFSSL_CIPHER WOLFSSL_CIPHER; 00166 typedef struct WOLFSSL_X509_LOOKUP WOLFSSL_X509_LOOKUP; 00167 typedef struct WOLFSSL_X509_LOOKUP_METHOD WOLFSSL_X509_LOOKUP_METHOD; 00168 typedef struct WOLFSSL_CRL WOLFSSL_X509_CRL; 00169 typedef struct WOLFSSL_X509_STORE WOLFSSL_X509_STORE; 00170 typedef struct WOLFSSL_X509_VERIFY_PARAM WOLFSSL_X509_VERIFY_PARAM; 00171 typedef struct WOLFSSL_BIO WOLFSSL_BIO; 00172 typedef struct WOLFSSL_BIO_METHOD WOLFSSL_BIO_METHOD; 00173 typedef struct WOLFSSL_X509_EXTENSION WOLFSSL_X509_EXTENSION; 00174 typedef struct WOLFSSL_CONF_VALUE WOLFSSL_CONF_VALUE; 00175 typedef struct WOLFSSL_ASN1_OBJECT WOLFSSL_ASN1_OBJECT; 00176 typedef struct WOLFSSL_ASN1_OTHERNAME WOLFSSL_ASN1_OTHERNAME; 00177 typedef struct WOLFSSL_X509V3_CTX WOLFSSL_X509V3_CTX; 00178 typedef struct WOLFSSL_v3_ext_method WOLFSSL_v3_ext_method; 00179 00180 typedef struct WOLFSSL_ASN1_STRING WOLFSSL_ASN1_STRING; 00181 typedef struct WOLFSSL_dynlock_value WOLFSSL_dynlock_value; 00182 #ifndef WOLFSSL_DH_TYPE_DEFINED /* guard on redeclaration */ 00183 typedef struct WOLFSSL_DH WOLFSSL_DH; 00184 #define WOLFSSL_DH_TYPE_DEFINED /* guard on redeclaration */ 00185 #endif 00186 typedef struct WOLFSSL_ASN1_BIT_STRING WOLFSSL_ASN1_BIT_STRING; 00187 typedef struct WOLFSSL_ASN1_TYPE WOLFSSL_ASN1_TYPE; 00188 00189 typedef struct WOLFSSL_GENERAL_NAME WOLFSSL_GENERAL_NAME; 00190 typedef struct WOLFSSL_AUTHORITY_KEYID WOLFSSL_AUTHORITY_KEYID; 00191 typedef struct WOLFSSL_BASIC_CONSTRAINTS WOLFSSL_BASIC_CONSTRAINTS; 00192 typedef struct WOLFSSL_ACCESS_DESCRIPTION WOLFSSL_ACCESS_DESCRIPTION; 00193 00194 #if defined(OPENSSL_ALL) || defined(OPENSSL_EXTRA) 00195 00196 struct WOLFSSL_AUTHORITY_KEYID { 00197 WOLFSSL_ASN1_STRING *keyid; 00198 WOLFSSL_ASN1_OBJECT *issuer; 00199 WOLFSSL_ASN1_INTEGER *serial; 00200 }; 00201 00202 struct WOLFSSL_BASIC_CONSTRAINTS { 00203 int ca; 00204 WOLFSSL_ASN1_INTEGER *pathlen; 00205 }; 00206 00207 #endif /* OPENSSL_ALL || OPENSSL_EXTRA*/ 00208 00209 #define WOLFSSL_ASN1_UTCTIME WOLFSSL_ASN1_TIME 00210 #define WOLFSSL_ASN1_GENERALIZEDTIME WOLFSSL_ASN1_TIME 00211 00212 struct WOLFSSL_ASN1_STRING { 00213 char strData[CTC_NAME_SIZE]; 00214 int length; 00215 int type; /* type of string i.e. CTC_UTF8 */ 00216 char* data; 00217 long flags; 00218 unsigned int isDynamic:1; /* flag for if data pointer dynamic (1 is yes 0 is no) */ 00219 }; 00220 00221 #define WOLFSSL_MAX_SNAME 40 00222 00223 00224 #define WOLFSSL_ASN1_DYNAMIC 0x1 00225 #define WOLFSSL_ASN1_DYNAMIC_DATA 0x2 00226 00227 struct WOLFSSL_ASN1_OTHERNAME { 00228 WOLFSSL_ASN1_OBJECT* type_id; 00229 WOLFSSL_ASN1_TYPE* value; 00230 }; 00231 00232 struct WOLFSSL_GENERAL_NAME { 00233 int type; 00234 union { 00235 char* ptr; 00236 WOLFSSL_ASN1_OTHERNAME* otherName; 00237 WOLFSSL_ASN1_STRING* rfc822Name; 00238 WOLFSSL_ASN1_STRING* dNSName; 00239 WOLFSSL_ASN1_TYPE* x400Address; 00240 WOLFSSL_X509_NAME* directoryName; 00241 WOLFSSL_ASN1_STRING* uniformResourceIdentifier; 00242 WOLFSSL_ASN1_STRING* iPAddress; 00243 WOLFSSL_ASN1_OBJECT* registeredID; 00244 00245 WOLFSSL_ASN1_STRING* ip; 00246 WOLFSSL_X509_NAME* dirn; 00247 WOLFSSL_ASN1_STRING* ia5; 00248 WOLFSSL_ASN1_OBJECT* rid; 00249 WOLFSSL_ASN1_TYPE* other; 00250 } d; /* dereference */ 00251 }; 00252 00253 struct WOLFSSL_ACCESS_DESCRIPTION { 00254 WOLFSSL_ASN1_OBJECT* method; 00255 WOLFSSL_GENERAL_NAME* location; 00256 }; 00257 00258 struct WOLFSSL_X509V3_CTX { 00259 WOLFSSL_X509* x509; 00260 }; 00261 00262 00263 00264 struct WOLFSSL_ASN1_OBJECT { 00265 void* heap; 00266 const unsigned char* obj; 00267 /* sName is short name i.e sha256 rather than oid (null terminated) */ 00268 char sName[WOLFSSL_MAX_SNAME]; 00269 int type; /* oid */ 00270 int grp; /* type of OID, i.e. oidCertPolicyType */ 00271 int nid; 00272 unsigned int objSz; 00273 #if defined(OPENSSL_ALL) || defined(WOLFSSL_QT) || defined(WOLFSSL_APACHE_HTTPD) 00274 int ca; 00275 WOLFSSL_ASN1_INTEGER *pathlen; 00276 #endif 00277 unsigned char dynamic; /* if 1 then obj was dynamically created, 0 otherwise */ 00278 00279 #if defined(WOLFSSL_APACHE_HTTPD) 00280 WOLFSSL_GENERAL_NAME* gn; 00281 #endif 00282 00283 struct d { /* derefrenced */ 00284 WOLFSSL_ASN1_STRING* dNSName; 00285 WOLFSSL_ASN1_STRING ia5_internal; 00286 WOLFSSL_ASN1_STRING* ia5; /* points to ia5_internal */ 00287 #if defined(WOLFSSL_QT) || defined(OPENSSL_ALL) 00288 WOLFSSL_ASN1_STRING* uniformResourceIdentifier; 00289 WOLFSSL_ASN1_STRING iPAddress_internal; 00290 WOLFSSL_ASN1_OTHERNAME* otherName; /* added for Apache httpd */ 00291 #endif 00292 WOLFSSL_ASN1_STRING* iPAddress; /* points to iPAddress_internal */ 00293 } d; 00294 }; 00295 00296 /* wrap ASN1 types */ 00297 struct WOLFSSL_ASN1_TYPE { 00298 int type; 00299 union { 00300 char *ptr; 00301 WOLFSSL_ASN1_STRING* asn1_string; 00302 WOLFSSL_ASN1_OBJECT* object; 00303 WOLFSSL_ASN1_INTEGER* integer; 00304 WOLFSSL_ASN1_BIT_STRING* bit_string; 00305 WOLFSSL_ASN1_STRING* octet_string; 00306 WOLFSSL_ASN1_STRING* printablestring; 00307 WOLFSSL_ASN1_STRING* ia5string; 00308 WOLFSSL_ASN1_UTCTIME* utctime; 00309 WOLFSSL_ASN1_GENERALIZEDTIME* generalizedtime; 00310 WOLFSSL_ASN1_STRING* utf8string; 00311 WOLFSSL_ASN1_STRING* set; 00312 WOLFSSL_ASN1_STRING* sequence; 00313 } value; 00314 }; 00315 00316 struct WOLFSSL_EVP_PKEY { 00317 void* heap; 00318 int type; /* openssh dereference */ 00319 int save_type; /* openssh dereference */ 00320 int pkey_sz; 00321 int references; /*number of times free should be called for complete free*/ 00322 wolfSSL_Mutex refMutex; /* ref count mutex */ 00323 00324 union { 00325 char* ptr; /* der format of key / or raw for NTRU */ 00326 } pkey; 00327 #if (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) 00328 #ifndef NO_RSA 00329 WOLFSSL_RSA* rsa; 00330 byte ownRsa; /* if struct owns RSA and should free it */ 00331 #endif 00332 #ifndef NO_DSA 00333 WOLFSSL_DSA* dsa; 00334 byte ownDsa; /* if struct owns DSA and should free it */ 00335 #endif 00336 #ifdef HAVE_ECC 00337 WOLFSSL_EC_KEY* ecc; 00338 byte ownEcc; /* if struct owns ECC and should free it */ 00339 #endif 00340 #ifndef NO_DH 00341 WOLFSSL_DH* dh; 00342 byte ownDh; /* if struct owns DH and should free it */ 00343 #endif 00344 WC_RNG rng; 00345 #endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */ 00346 #ifdef HAVE_ECC 00347 int pkey_curve; 00348 #endif 00349 }; 00350 typedef struct WOLFSSL_EVP_PKEY WOLFSSL_PKCS8_PRIV_KEY_INFO; 00351 #ifndef WOLFSSL_EVP_TYPE_DEFINED /* guard on redeclaration */ 00352 typedef struct WOLFSSL_EVP_PKEY WOLFSSL_EVP_PKEY; 00353 typedef struct WOLFSSL_EVP_MD_CTX WOLFSSL_EVP_MD_CTX; 00354 typedef char WOLFSSL_EVP_MD; 00355 #define WOLFSSL_EVP_TYPE_DEFINED 00356 #endif 00357 00358 struct WOLFSSL_X509_PKEY { 00359 WOLFSSL_EVP_PKEY* dec_pkey; /* dereferenced by Apache */ 00360 void* heap; 00361 }; 00362 typedef struct WOLFSSL_X509_PKEY WOLFSSL_X509_PKEY; 00363 00364 struct WOLFSSL_X509_INFO { 00365 WOLFSSL_X509 *x509; 00366 WOLFSSL_X509_CRL *crl; 00367 WOLFSSL_X509_PKEY *x_pkey; /* dereferenced by Apache */ 00368 EncryptedInfo enc_cipher; 00369 int enc_len; 00370 char *enc_data; 00371 int num; 00372 }; 00373 00374 #define WOLFSSL_EVP_PKEY_DEFAULT EVP_PKEY_RSA /* default key type */ 00375 00376 #if defined(OPENSSL_ALL) || defined(WOLFSSL_QT) 00377 #define wolfSSL_SSL_MODE_RELEASE_BUFFERS 0x00000010U 00378 #define wolfSSL_SSL_CTRL_SET_TMP_ECDH 4 00379 #endif 00380 00381 struct WOLFSSL_X509_ALGOR { 00382 WOLFSSL_ASN1_OBJECT* algorithm; 00383 WOLFSSL_ASN1_TYPE* parameter; 00384 }; 00385 00386 struct WOLFSSL_X509_PUBKEY { 00387 WOLFSSL_X509_ALGOR* algor; 00388 WOLFSSL_EVP_PKEY* pkey; 00389 int pubKeyOID; 00390 }; 00391 00392 00393 enum BIO_TYPE { 00394 WOLFSSL_BIO_BUFFER = 1, 00395 WOLFSSL_BIO_SOCKET = 2, 00396 WOLFSSL_BIO_SSL = 3, 00397 WOLFSSL_BIO_MEMORY = 4, 00398 WOLFSSL_BIO_BIO = 5, 00399 WOLFSSL_BIO_FILE = 6, 00400 WOLFSSL_BIO_BASE64 = 7, 00401 WOLFSSL_BIO_MD = 8 00402 }; 00403 00404 enum BIO_FLAGS { 00405 WOLFSSL_BIO_FLAG_BASE64_NO_NL = 0x01, 00406 WOLFSSL_BIO_FLAG_READ = 0x02, 00407 WOLFSSL_BIO_FLAG_WRITE = 0x04, 00408 WOLFSSL_BIO_FLAG_IO_SPECIAL = 0x08, 00409 WOLFSSL_BIO_FLAG_RETRY = 0x10 00410 }; 00411 00412 enum BIO_CB_OPS { 00413 WOLFSSL_BIO_CB_FREE = 0x01, 00414 WOLFSSL_BIO_CB_READ = 0x02, 00415 WOLFSSL_BIO_CB_WRITE = 0x03, 00416 WOLFSSL_BIO_CB_PUTS = 0x04, 00417 WOLFSSL_BIO_CB_GETS = 0x05, 00418 WOLFSSL_BIO_CB_CTRL = 0x06, 00419 WOLFSSL_BIO_CB_RETURN = 0x80 00420 }; 00421 00422 typedef struct WOLFSSL_BUF_MEM { 00423 char* data; /* dereferenced */ 00424 size_t length; /* current length */ 00425 size_t max; /* maximum length */ 00426 } WOLFSSL_BUF_MEM; 00427 00428 /* custom method with user set callbacks */ 00429 typedef int (*wolfSSL_BIO_meth_write_cb)(WOLFSSL_BIO*, const char*, int); 00430 typedef int (*wolfSSL_BIO_meth_read_cb)(WOLFSSL_BIO *, char *, int); 00431 typedef int (*wolfSSL_BIO_meth_puts_cb)(WOLFSSL_BIO*, const char*); 00432 typedef int (*wolfSSL_BIO_meth_gets_cb)(WOLFSSL_BIO*, char*, int); 00433 typedef long (*wolfSSL_BIO_meth_ctrl_get_cb)(WOLFSSL_BIO*, int, long, void*); 00434 typedef int (*wolfSSL_BIO_meth_create_cb)(WOLFSSL_BIO*); 00435 typedef int (*wolfSSL_BIO_meth_destroy_cb)(WOLFSSL_BIO*); 00436 00437 typedef int wolfSSL_BIO_info_cb(WOLFSSL_BIO *, int, int); 00438 typedef long (*wolfssl_BIO_meth_ctrl_info_cb)(WOLFSSL_BIO*, int, wolfSSL_BIO_info_cb*); 00439 00440 /* wolfSSL BIO_METHOD type */ 00441 #ifndef MAX_BIO_METHOD_NAME 00442 #define MAX_BIO_METHOD_NAME 256 00443 #endif 00444 struct WOLFSSL_BIO_METHOD { 00445 byte type; /* method type */ 00446 char name[MAX_BIO_METHOD_NAME]; 00447 wolfSSL_BIO_meth_write_cb writeCb; 00448 wolfSSL_BIO_meth_read_cb readCb; 00449 wolfSSL_BIO_meth_puts_cb putsCb; 00450 wolfSSL_BIO_meth_gets_cb getsCb; 00451 wolfSSL_BIO_meth_ctrl_get_cb ctrlCb; 00452 wolfSSL_BIO_meth_create_cb createCb; 00453 wolfSSL_BIO_meth_destroy_cb freeCb; 00454 wolfssl_BIO_meth_ctrl_info_cb ctrlInfoCb; 00455 }; 00456 00457 /* wolfSSL BIO type */ 00458 typedef long (*wolf_bio_info_cb)(WOLFSSL_BIO *bio, int event, const char *parg, 00459 int iarg, long larg, long return_value); 00460 00461 struct WOLFSSL_BIO { 00462 WOLFSSL_BUF_MEM* mem_buf; 00463 WOLFSSL_BIO_METHOD* method; 00464 WOLFSSL_BIO* prev; /* previous in chain */ 00465 WOLFSSL_BIO* next; /* next in chain */ 00466 WOLFSSL_BIO* pair; /* BIO paired with */ 00467 void* heap; /* user heap hint */ 00468 void* ptr; /* WOLFSSL, file descriptor, MD, or mem buf */ 00469 void* usrCtx; /* user set pointer */ 00470 char* infoArg; /* BIO callback argument */ 00471 wolf_bio_info_cb infoCb; /* BIO callback */ 00472 int wrSz; /* write buffer size (mem) */ 00473 int wrIdx; /* current index for write buffer */ 00474 int rdIdx; /* current read index */ 00475 int readRq; /* read request */ 00476 int num; /* socket num or length */ 00477 int eof; /* eof flag */ 00478 int flags; 00479 byte type; /* method type */ 00480 byte init:1; /* bio has been initialized */ 00481 byte shutdown:1; /* close flag */ 00482 #ifdef HAVE_EX_DATA 00483 WOLFSSL_CRYPTO_EX_DATA ex_data; 00484 #endif 00485 }; 00486 00487 typedef struct WOLFSSL_COMP_METHOD { 00488 int type; /* stunnel dereference */ 00489 } WOLFSSL_COMP_METHOD; 00490 00491 typedef struct WOLFSSL_COMP { 00492 int id; 00493 const char *name; 00494 WOLFSSL_COMP_METHOD *method; 00495 } WOLFSSL_COMP; 00496 00497 struct WOLFSSL_X509_LOOKUP_METHOD { 00498 int type; 00499 }; 00500 00501 struct WOLFSSL_X509_LOOKUP { 00502 WOLFSSL_X509_STORE *store; 00503 }; 00504 00505 struct WOLFSSL_X509_STORE { 00506 int cache; /* stunnel dereference */ 00507 WOLFSSL_CERT_MANAGER* cm; 00508 WOLFSSL_X509_LOOKUP lookup; 00509 #ifdef OPENSSL_EXTRA 00510 int isDynamic; 00511 WOLFSSL_X509_VERIFY_PARAM* param; /* certificate validation parameter */ 00512 #endif 00513 #if defined(OPENSSL_ALL) || defined(WOLFSSL_QT) 00514 WOLFSSL_X509_STORE_CTX_verify_cb verify_cb; 00515 #endif 00516 #ifdef HAVE_EX_DATA 00517 WOLFSSL_CRYPTO_EX_DATA ex_data; 00518 #endif 00519 #if defined(OPENSSL_EXTRA) && defined(HAVE_CRL) 00520 WOLFSSL_X509_CRL *crl; 00521 #endif 00522 }; 00523 00524 #ifdef OPENSSL_EXTRA 00525 #define WOLFSSL_USE_CHECK_TIME 0x2 00526 #define WOLFSSL_NO_CHECK_TIME 0x200000 00527 #define WOLFSSL_NO_WILDCARDS 0x4 00528 #define WOLFSSL_HOST_NAME_MAX 256 00529 #define WOLFSSL_MAX_IPSTR 46 /* max ip size IPv4 mapped IPv6 */ 00530 struct WOLFSSL_X509_VERIFY_PARAM { 00531 time_t check_time; 00532 unsigned long flags; 00533 char hostName[WOLFSSL_HOST_NAME_MAX]; 00534 unsigned int hostFlags; 00535 char ipasc[WOLFSSL_MAX_IPSTR]; 00536 }; 00537 #endif 00538 00539 typedef struct WOLFSSL_ALERT { 00540 int code; 00541 int level; 00542 } WOLFSSL_ALERT; 00543 00544 typedef struct WOLFSSL_ALERT_HISTORY { 00545 WOLFSSL_ALERT last_rx; 00546 WOLFSSL_ALERT last_tx; 00547 } WOLFSSL_ALERT_HISTORY; 00548 00549 typedef struct WOLFSSL_X509_REVOKED { 00550 WOLFSSL_ASN1_INTEGER* serialNumber; /* stunnel dereference */ 00551 } WOLFSSL_X509_REVOKED; 00552 00553 00554 typedef struct WOLFSSL_X509_OBJECT { 00555 union { 00556 char* ptr; 00557 WOLFSSL_X509 *x509; 00558 WOLFSSL_X509_CRL* crl; /* stunnel dereference */ 00559 } data; 00560 } WOLFSSL_X509_OBJECT; 00561 00562 #define WOLFSSL_ASN1_BOOLEAN int 00563 00564 typedef struct WOLFSSL_BUFFER_INFO { 00565 unsigned char* buffer; 00566 unsigned int length; 00567 } WOLFSSL_BUFFER_INFO; 00568 00569 struct WOLFSSL_X509_STORE_CTX { 00570 WOLFSSL_X509_STORE* store; /* Store full of a CA cert chain */ 00571 WOLFSSL_X509* current_cert; /* current X509 (OPENSSL_EXTRA) */ 00572 #ifdef WOLFSSL_ASIO 00573 WOLFSSL_X509* current_issuer; /* asio dereference */ 00574 #endif 00575 WOLFSSL_X509_CHAIN* sesChain; /* pointer to WOLFSSL_SESSION peer chain */ 00576 WOLFSSL_STACK* chain; 00577 #ifdef OPENSSL_EXTRA 00578 WOLFSSL_X509_VERIFY_PARAM* param; /* certificate validation parameter */ 00579 #endif 00580 char* domain; /* subject CN domain name */ 00581 #if defined(HAVE_EX_DATA) || defined(FORTRESS) 00582 WOLFSSL_CRYPTO_EX_DATA ex_data; /* external data */ 00583 #endif 00584 #if defined(WOLFSSL_APACHE_HTTPD) || defined(OPENSSL_EXTRA) 00585 int depth; /* used in X509_STORE_CTX_*_depth */ 00586 #endif 00587 void* userCtx; /* user ctx */ 00588 int error; /* current error */ 00589 int error_depth; /* index of cert depth for this error */ 00590 int discardSessionCerts; /* so verify callback can flag for discard */ 00591 int totalCerts; /* number of peer cert buffers */ 00592 WOLFSSL_BUFFER_INFO* certs; /* peer certs */ 00593 WOLFSSL_X509_STORE_CTX_verify_cb verify_cb; /* verify callback */ 00594 }; 00595 00596 typedef char* WOLFSSL_STRING; 00597 00598 /* Valid Alert types from page 16/17 00599 * Add alert string to the function wolfSSL_alert_type_string_long in src/ssl.c 00600 */ 00601 enum AlertDescription { 00602 close_notify = 0, 00603 unexpected_message = 10, 00604 bad_record_mac = 20, 00605 record_overflow = 22, 00606 decompression_failure = 30, 00607 handshake_failure = 40, 00608 no_certificate = 41, 00609 bad_certificate = 42, 00610 unsupported_certificate = 43, 00611 certificate_revoked = 44, 00612 certificate_expired = 45, 00613 certificate_unknown = 46, 00614 illegal_parameter = 47, 00615 unknown_ca = 48, 00616 decode_error = 50, 00617 decrypt_error = 51, 00618 #ifdef WOLFSSL_MYSQL_COMPATIBLE 00619 /* catch name conflict for enum protocol with MYSQL build */ 00620 wc_protocol_version = 70, 00621 #else 00622 protocol_version = 70, 00623 #endif 00624 inappropriate_fallback = 86, 00625 no_renegotiation = 100, 00626 missing_extension = 109, 00627 unsupported_extension = 110, /**< RFC 5246, section 7.2.2 */ 00628 unrecognized_name = 112, /**< RFC 6066, section 3 */ 00629 bad_certificate_status_response = 113, /**< RFC 6066, section 8 */ 00630 unknown_psk_identity = 115, /**< RFC 4279, section 2 */ 00631 certificate_required = 116, /**< RFC 8446, section 8.2 */ 00632 no_application_protocol = 120 00633 }; 00634 00635 00636 enum AlertLevel { 00637 alert_warning = 1, 00638 alert_fatal = 2 00639 }; 00640 00641 /* Maximum master key length (SECRET_LEN) */ 00642 #define WOLFSSL_MAX_MASTER_KEY_LENGTH 48 00643 /* Maximum number of groups that can be set */ 00644 #define WOLFSSL_MAX_GROUP_COUNT 10 00645 00646 #if defined(HAVE_SECRET_CALLBACK) && defined(WOLFSSL_TLS13) 00647 enum Tls13Secret { 00648 CLIENT_EARLY_TRAFFIC_SECRET, 00649 CLIENT_HANDSHAKE_TRAFFIC_SECRET, 00650 SERVER_HANDSHAKE_TRAFFIC_SECRET, 00651 CLIENT_TRAFFIC_SECRET, 00652 SERVER_TRAFFIC_SECRET, 00653 EARLY_EXPORTER_SECRET, 00654 EXPORTER_SECRET 00655 }; 00656 #endif 00657 00658 00659 typedef WOLFSSL_METHOD* (*wolfSSL_method_func)(void* heap); 00660 00661 /* CTX Method EX Constructor Functions */ 00662 WOLFSSL_API WOLFSSL_METHOD *wolfTLS_client_method_ex(void* heap); 00663 WOLFSSL_API WOLFSSL_METHOD *wolfTLS_server_method_ex(void* heap); 00664 WOLFSSL_API WOLFSSL_METHOD *wolfSSLv3_method_ex(void* heap); 00665 WOLFSSL_API WOLFSSL_METHOD *wolfSSLv3_server_method_ex(void* heap); 00666 WOLFSSL_API WOLFSSL_METHOD *wolfSSLv3_client_method_ex(void* heap); 00667 WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_method_ex(void* heap); 00668 WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_server_method_ex(void* heap); 00669 WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_client_method_ex(void* heap); 00670 WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_1_method_ex(void* heap); 00671 WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_1_server_method_ex(void* heap); 00672 WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_1_client_method_ex(void* heap); 00673 WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_2_method_ex(void* heap); 00674 WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_2_server_method_ex(void* heap); 00675 WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_2_client_method_ex(void* heap); 00676 #ifdef WOLFSSL_TLS13 00677 WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_3_method_ex(void* heap); 00678 WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_3_server_method_ex(void* heap); 00679 WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_3_client_method_ex(void* heap); 00680 #endif 00681 00682 WOLFSSL_API WOLFSSL_METHOD *wolfSSLv23_method_ex(void* heap); 00683 WOLFSSL_API WOLFSSL_METHOD *wolfSSLv23_server_method_ex(void* heap); 00684 WOLFSSL_API WOLFSSL_METHOD *wolfSSLv23_client_method_ex(void* heap); 00685 00686 #ifdef WOLFSSL_DTLS 00687 WOLFSSL_API WOLFSSL_METHOD *wolfDTLS_method_ex(void* heap); 00688 WOLFSSL_API WOLFSSL_METHOD *wolfDTLS_client_method_ex(void* heap); 00689 WOLFSSL_API WOLFSSL_METHOD *wolfDTLS_server_method_ex(void* heap); 00690 WOLFSSL_API WOLFSSL_METHOD *wolfDTLSv1_method_ex(void* heap); 00691 WOLFSSL_API WOLFSSL_METHOD *wolfDTLSv1_client_method_ex(void* heap); 00692 WOLFSSL_API WOLFSSL_METHOD *wolfDTLSv1_server_method_ex(void* heap); 00693 WOLFSSL_API WOLFSSL_METHOD *wolfDTLSv1_2_method_ex(void* heap); 00694 WOLFSSL_API WOLFSSL_METHOD *wolfDTLSv1_2_client_method_ex(void* heap); 00695 WOLFSSL_API WOLFSSL_METHOD *wolfDTLSv1_2_server_method_ex(void* heap); 00696 #endif 00697 00698 /* CTX Method Constructor Functions */ 00699 WOLFSSL_API WOLFSSL_METHOD *wolfTLS_client_method(void); 00700 WOLFSSL_API WOLFSSL_METHOD *wolfTLS_server_method(void); 00701 WOLFSSL_API WOLFSSL_METHOD *wolfSSLv3_method(void); 00702 WOLFSSL_API WOLFSSL_METHOD *wolfSSLv23_method(void); 00703 WOLFSSL_API WOLFSSL_METHOD *wolfSSLv3_server_method(void); 00704 WOLFSSL_API WOLFSSL_METHOD *wolfSSLv3_client_method(void); 00705 WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_method(void); 00706 WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_server_method(void); 00707 WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_client_method(void); 00708 WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_1_method(void); 00709 WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_1_server_method(void); 00710 WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_1_client_method(void); 00711 WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_2_method(void); 00712 WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_2_server_method(void); 00713 WOLFSSL_ABI WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_2_client_method(void); 00714 #ifdef WOLFSSL_TLS13 00715 WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_3_method(void); 00716 WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_3_server_method(void); 00717 WOLFSSL_ABI WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_3_client_method(void); 00718 #endif 00719 00720 #ifdef WOLFSSL_DTLS 00721 WOLFSSL_API WOLFSSL_METHOD *wolfDTLS_method(void); 00722 WOLFSSL_API WOLFSSL_METHOD *wolfDTLS_server_method(void); 00723 WOLFSSL_API WOLFSSL_METHOD *wolfDTLS_client_method(void); 00724 WOLFSSL_API WOLFSSL_METHOD *wolfDTLSv1_method(void); 00725 WOLFSSL_API WOLFSSL_METHOD *wolfDTLSv1_client_method(void); 00726 WOLFSSL_API WOLFSSL_METHOD *wolfDTLSv1_server_method(void); 00727 WOLFSSL_API WOLFSSL_METHOD *wolfDTLSv1_2_method(void); 00728 WOLFSSL_API WOLFSSL_METHOD *wolfDTLSv1_2_client_method(void); 00729 WOLFSSL_API WOLFSSL_METHOD *wolfDTLSv1_2_server_method(void); 00730 #endif 00731 00732 #ifdef HAVE_POLY1305 00733 WOLFSSL_API int wolfSSL_use_old_poly(WOLFSSL*, int); 00734 #endif 00735 00736 #ifdef WOLFSSL_SESSION_EXPORT 00737 #ifdef WOLFSSL_DTLS 00738 00739 #ifndef WOLFSSL_DTLS_EXPORT_TYPES 00740 typedef int (*wc_dtls_export)(WOLFSSL* ssl, 00741 unsigned char* exportBuffer, unsigned int sz, void* userCtx); 00742 #define WOLFSSL_DTLS_EXPORT_TYPES 00743 #endif /* WOLFSSL_DTLS_EXPORT_TYPES */ 00744 00745 WOLFSSL_API int wolfSSL_dtls_import(WOLFSSL* ssl, unsigned char* buf, 00746 unsigned int sz); 00747 WOLFSSL_API int wolfSSL_CTX_dtls_set_export(WOLFSSL_CTX* ctx, 00748 wc_dtls_export func); 00749 WOLFSSL_API int wolfSSL_dtls_set_export(WOLFSSL* ssl, wc_dtls_export func); 00750 WOLFSSL_API int wolfSSL_dtls_export(WOLFSSL* ssl, unsigned char* buf, 00751 unsigned int* sz); 00752 WOLFSSL_API int wolfSSL_dtls_export_state_only(WOLFSSL* ssl, unsigned char* buf, 00753 unsigned int* sz); 00754 #endif /* WOLFSSL_DTLS */ 00755 #endif /* WOLFSSL_SESSION_EXPORT */ 00756 00757 #ifdef WOLFSSL_STATIC_MEMORY 00758 #ifndef WOLFSSL_MEM_GUARD 00759 #define WOLFSSL_MEM_GUARD 00760 typedef struct WOLFSSL_MEM_STATS WOLFSSL_MEM_STATS; 00761 typedef struct WOLFSSL_MEM_CONN_STATS WOLFSSL_MEM_CONN_STATS; 00762 #endif 00763 WOLFSSL_API int wolfSSL_CTX_load_static_memory(WOLFSSL_CTX** ctx, 00764 wolfSSL_method_func method, 00765 unsigned char* buf, unsigned int sz, 00766 int flag, int max); 00767 WOLFSSL_API int wolfSSL_CTX_is_static_memory(WOLFSSL_CTX* ctx, 00768 WOLFSSL_MEM_STATS* mem_stats); 00769 WOLFSSL_API int wolfSSL_is_static_memory(WOLFSSL* ssl, 00770 WOLFSSL_MEM_CONN_STATS* mem_stats); 00771 #endif 00772 00773 #if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) 00774 00775 WOLFSSL_ABI WOLFSSL_API int wolfSSL_CTX_use_certificate_file(WOLFSSL_CTX*, 00776 const char*, int); 00777 WOLFSSL_ABI WOLFSSL_API int wolfSSL_CTX_use_PrivateKey_file(WOLFSSL_CTX*, 00778 const char*, int); 00779 00780 #endif 00781 00782 #ifndef NO_CERTS 00783 #define WOLFSSL_LOAD_FLAG_NONE 0x00000000 00784 #define WOLFSSL_LOAD_FLAG_IGNORE_ERR 0x00000001 00785 #define WOLFSSL_LOAD_FLAG_DATE_ERR_OKAY 0x00000002 00786 #define WOLFSSL_LOAD_FLAG_PEM_CA_ONLY 0x00000004 00787 00788 #ifndef WOLFSSL_LOAD_VERIFY_DEFAULT_FLAGS 00789 #define WOLFSSL_LOAD_VERIFY_DEFAULT_FLAGS WOLFSSL_LOAD_FLAG_NONE 00790 #endif 00791 #endif /* !NO_CERTS */ 00792 00793 #if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) 00794 00795 WOLFSSL_API int wolfSSL_CTX_load_verify_locations_ex(WOLFSSL_CTX*, const char*, 00796 const char*, unsigned int); 00797 WOLFSSL_ABI WOLFSSL_API int wolfSSL_CTX_load_verify_locations(WOLFSSL_CTX*, 00798 const char*, const char*); 00799 #ifdef WOLFSSL_TRUST_PEER_CERT 00800 WOLFSSL_API int wolfSSL_CTX_trust_peer_cert(WOLFSSL_CTX*, const char*, int); 00801 #endif 00802 WOLFSSL_ABI WOLFSSL_API int wolfSSL_CTX_use_certificate_chain_file( 00803 WOLFSSL_CTX*, const char*); 00804 WOLFSSL_API int wolfSSL_CTX_use_certificate_chain_file_format(WOLFSSL_CTX *, 00805 const char *file, int format); 00806 WOLFSSL_API int wolfSSL_CTX_use_RSAPrivateKey_file(WOLFSSL_CTX*, const char*, int); 00807 00808 WOLFSSL_API long wolfSSL_get_verify_depth(WOLFSSL* ssl); 00809 WOLFSSL_API long wolfSSL_CTX_get_verify_depth(WOLFSSL_CTX* ctx); 00810 WOLFSSL_API void wolfSSL_CTX_set_verify_depth(WOLFSSL_CTX *ctx,int depth); 00811 WOLFSSL_ABI WOLFSSL_API int wolfSSL_use_certificate_file(WOLFSSL*, const char*, 00812 int); 00813 WOLFSSL_ABI WOLFSSL_API int wolfSSL_use_PrivateKey_file(WOLFSSL*, const char*, 00814 int); 00815 WOLFSSL_ABI WOLFSSL_API int wolfSSL_use_certificate_chain_file(WOLFSSL*, 00816 const char*); 00817 WOLFSSL_API int wolfSSL_use_certificate_chain_file_format(WOLFSSL*, 00818 const char *file, int format); 00819 WOLFSSL_API int wolfSSL_use_RSAPrivateKey_file(WOLFSSL*, const char*, int); 00820 00821 #ifdef WOLFSSL_DER_LOAD 00822 WOLFSSL_API int wolfSSL_CTX_der_load_verify_locations(WOLFSSL_CTX*, 00823 const char*, int); 00824 #endif 00825 00826 #ifdef HAVE_NTRU 00827 WOLFSSL_API int wolfSSL_CTX_use_NTRUPrivateKey_file(WOLFSSL_CTX*, const char*); 00828 /* load NTRU private key blob */ 00829 #endif 00830 00831 #endif /* !NO_FILESYSTEM && !NO_CERTS */ 00832 00833 WOLFSSL_API WOLFSSL_CTX* wolfSSL_CTX_new_ex(WOLFSSL_METHOD* method, void* heap); 00834 WOLFSSL_ABI WOLFSSL_API WOLFSSL_CTX* wolfSSL_CTX_new(WOLFSSL_METHOD*); 00835 #ifdef OPENSSL_EXTRA 00836 WOLFSSL_API int wolfSSL_CTX_up_ref(WOLFSSL_CTX*); 00837 #endif 00838 WOLFSSL_ABI WOLFSSL_API WOLFSSL* wolfSSL_new(WOLFSSL_CTX*); 00839 WOLFSSL_API WOLFSSL_CTX* wolfSSL_get_SSL_CTX(WOLFSSL* ssl); 00840 WOLFSSL_API WOLFSSL_X509_VERIFY_PARAM* wolfSSL_get0_param(WOLFSSL* ssl); 00841 WOLFSSL_API int wolfSSL_is_server(WOLFSSL*); 00842 WOLFSSL_API WOLFSSL* wolfSSL_write_dup(WOLFSSL*); 00843 WOLFSSL_ABI WOLFSSL_API int wolfSSL_set_fd (WOLFSSL*, int); 00844 WOLFSSL_API int wolfSSL_set_write_fd (WOLFSSL*, int); 00845 WOLFSSL_API int wolfSSL_set_read_fd (WOLFSSL*, int); 00846 WOLFSSL_API char* wolfSSL_get_cipher_list(int priority); 00847 WOLFSSL_API char* wolfSSL_get_cipher_list_ex(WOLFSSL* ssl, int priority); 00848 WOLFSSL_API int wolfSSL_get_ciphers(char*, int); 00849 WOLFSSL_API int wolfSSL_get_ciphers_iana(char*, int); 00850 WOLFSSL_API const char* wolfSSL_get_cipher_name(WOLFSSL* ssl); 00851 WOLFSSL_API const char* wolfSSL_get_cipher_name_from_suite(const unsigned char, 00852 const unsigned char); 00853 WOLFSSL_API const char* wolfSSL_get_cipher_name_iana_from_suite( 00854 const unsigned char, const unsigned char); 00855 WOLFSSL_API const char* wolfSSL_get_shared_ciphers(WOLFSSL* ssl, char* buf, 00856 int len); 00857 WOLFSSL_API const char* wolfSSL_get_curve_name(WOLFSSL* ssl); 00858 WOLFSSL_API int wolfSSL_get_fd(const WOLFSSL*); 00859 /* please see note at top of README if you get an error from connect */ 00860 WOLFSSL_ABI WOLFSSL_API int wolfSSL_connect(WOLFSSL*); 00861 WOLFSSL_ABI WOLFSSL_API int wolfSSL_write(WOLFSSL*, const void*, int); 00862 WOLFSSL_ABI WOLFSSL_API int wolfSSL_read(WOLFSSL*, void*, int); 00863 WOLFSSL_API int wolfSSL_peek(WOLFSSL*, void*, int); 00864 WOLFSSL_API int wolfSSL_accept(WOLFSSL*); 00865 WOLFSSL_API int wolfSSL_CTX_mutual_auth(WOLFSSL_CTX* ctx, int req); 00866 WOLFSSL_API int wolfSSL_mutual_auth(WOLFSSL* ssl, int req); 00867 #ifdef WOLFSSL_TLS13 00868 WOLFSSL_API int wolfSSL_send_hrr_cookie(WOLFSSL* ssl, 00869 const unsigned char* secret, unsigned int secretSz); 00870 WOLFSSL_API int wolfSSL_CTX_no_ticket_TLSv13(WOLFSSL_CTX* ctx); 00871 WOLFSSL_API int wolfSSL_no_ticket_TLSv13(WOLFSSL* ssl); 00872 WOLFSSL_API int wolfSSL_CTX_no_dhe_psk(WOLFSSL_CTX* ctx); 00873 WOLFSSL_API int wolfSSL_no_dhe_psk(WOLFSSL* ssl); 00874 WOLFSSL_API int wolfSSL_update_keys(WOLFSSL* ssl); 00875 WOLFSSL_API int wolfSSL_CTX_allow_post_handshake_auth(WOLFSSL_CTX* ctx); 00876 WOLFSSL_API int wolfSSL_allow_post_handshake_auth(WOLFSSL* ssl); 00877 WOLFSSL_API int wolfSSL_request_certificate(WOLFSSL* ssl); 00878 00879 WOLFSSL_API int wolfSSL_CTX_set1_groups_list(WOLFSSL_CTX *ctx, char *list); 00880 WOLFSSL_API int wolfSSL_set1_groups_list(WOLFSSL *ssl, char *list); 00881 00882 WOLFSSL_API int wolfSSL_preferred_group(WOLFSSL* ssl); 00883 WOLFSSL_API int wolfSSL_CTX_set_groups(WOLFSSL_CTX* ctx, int* groups, 00884 int count); 00885 WOLFSSL_API int wolfSSL_set_groups(WOLFSSL* ssl, int* groups, int count); 00886 00887 WOLFSSL_API int wolfSSL_connect_TLSv13(WOLFSSL*); 00888 WOLFSSL_API int wolfSSL_accept_TLSv13(WOLFSSL*); 00889 00890 #ifdef WOLFSSL_EARLY_DATA 00891 WOLFSSL_API int wolfSSL_CTX_set_max_early_data(WOLFSSL_CTX* ctx, 00892 unsigned int sz); 00893 WOLFSSL_API int wolfSSL_set_max_early_data(WOLFSSL* ssl, unsigned int sz); 00894 WOLFSSL_API int wolfSSL_write_early_data(WOLFSSL*, const void*, int, int*); 00895 WOLFSSL_API int wolfSSL_read_early_data(WOLFSSL*, void*, int, int*); 00896 #endif 00897 #endif 00898 WOLFSSL_ABI WOLFSSL_API void wolfSSL_CTX_free(WOLFSSL_CTX*); 00899 WOLFSSL_ABI WOLFSSL_API void wolfSSL_free(WOLFSSL*); 00900 WOLFSSL_ABI WOLFSSL_API int wolfSSL_shutdown(WOLFSSL*); 00901 WOLFSSL_API int wolfSSL_send(WOLFSSL*, const void*, int sz, int flags); 00902 WOLFSSL_API int wolfSSL_recv(WOLFSSL*, void*, int sz, int flags); 00903 00904 WOLFSSL_API void wolfSSL_CTX_set_quiet_shutdown(WOLFSSL_CTX*, int); 00905 WOLFSSL_API void wolfSSL_set_quiet_shutdown(WOLFSSL*, int); 00906 00907 WOLFSSL_ABI WOLFSSL_API int wolfSSL_get_error(WOLFSSL*, int); 00908 WOLFSSL_API int wolfSSL_get_alert_history(WOLFSSL*, WOLFSSL_ALERT_HISTORY *); 00909 00910 WOLFSSL_ABI WOLFSSL_API int wolfSSL_set_session(WOLFSSL*, WOLFSSL_SESSION*); 00911 WOLFSSL_API long wolfSSL_SSL_SESSION_set_timeout(WOLFSSL_SESSION*, long); 00912 WOLFSSL_ABI WOLFSSL_API WOLFSSL_SESSION* wolfSSL_get_session(WOLFSSL*); 00913 WOLFSSL_ABI WOLFSSL_API void wolfSSL_flush_sessions(WOLFSSL_CTX*, long); 00914 WOLFSSL_API int wolfSSL_SetServerID(WOLFSSL*, const unsigned char*, int, int); 00915 00916 #if defined(OPENSSL_ALL) || defined(WOLFSSL_ASIO) || defined(WOLFSSL_HAPROXY) \ 00917 || defined(WOLFSSL_NGINX) 00918 WOLFSSL_API int wolfSSL_BIO_new_bio_pair(WOLFSSL_BIO**, size_t, 00919 WOLFSSL_BIO**, size_t); 00920 00921 WOLFSSL_API int wolfSSL_RSA_padding_add_PKCS1_PSS(WOLFSSL_RSA *rsa, unsigned char *EM, 00922 const unsigned char *mHash, 00923 const WOLFSSL_EVP_MD *Hash, int saltLen); 00924 WOLFSSL_API int wolfSSL_RSA_verify_PKCS1_PSS(WOLFSSL_RSA *rsa, const unsigned char *mHash, 00925 const WOLFSSL_EVP_MD *hashAlg, 00926 const unsigned char *EM, int saltLen); 00927 WOLFSSL_API WOLFSSL_RSA* wolfSSL_d2i_RSAPrivateKey_bio(WOLFSSL_BIO*, WOLFSSL_RSA**); 00928 WOLFSSL_API int wolfSSL_CTX_use_certificate_ASN1(WOLFSSL_CTX*, 00929 int, const unsigned char*); 00930 WOLFSSL_API int wolfSSL_CTX_use_RSAPrivateKey(WOLFSSL_CTX*, WOLFSSL_RSA*); 00931 WOLFSSL_API WOLFSSL_EVP_PKEY* wolfSSL_d2i_PrivateKey_bio(WOLFSSL_BIO*, WOLFSSL_EVP_PKEY**); 00932 #endif /* OPENSSL_ALL || WOLFSSL_ASIO */ 00933 00934 #ifdef SESSION_INDEX 00935 WOLFSSL_API int wolfSSL_GetSessionIndex(WOLFSSL* ssl); 00936 WOLFSSL_API int wolfSSL_GetSessionAtIndex(int index, WOLFSSL_SESSION* session); 00937 #endif /* SESSION_INDEX */ 00938 00939 #if defined(SESSION_CERTS) 00940 WOLFSSL_API 00941 WOLFSSL_X509_CHAIN* wolfSSL_SESSION_get_peer_chain(WOLFSSL_SESSION* session); 00942 WOLFSSL_API WOLFSSL_X509* wolfSSL_SESSION_get0_peer(WOLFSSL_SESSION* session); 00943 #endif /* SESSION_INDEX && SESSION_CERTS */ 00944 00945 typedef int (*VerifyCallback)(int, WOLFSSL_X509_STORE_CTX*); 00946 typedef void (CallbackInfoState)(const WOLFSSL*, int, int); 00947 00948 #if defined(HAVE_EX_DATA) || defined(FORTRESS) 00949 typedef int (WOLFSSL_CRYPTO_EX_new)(void* p, void* ptr, 00950 WOLFSSL_CRYPTO_EX_DATA* a, int idx, long argValue, void* arg); 00951 typedef int (WOLFSSL_CRYPTO_EX_dup)(WOLFSSL_CRYPTO_EX_DATA* out, 00952 WOLFSSL_CRYPTO_EX_DATA* in, void* inPtr, int idx, long argV, void* arg); 00953 typedef void (WOLFSSL_CRYPTO_EX_free)(void* p, void* ptr, 00954 WOLFSSL_CRYPTO_EX_DATA* a, int idx, long argValue, void* arg); 00955 00956 WOLFSSL_API int wolfSSL_get_ex_new_index(long argValue, void* arg, 00957 WOLFSSL_CRYPTO_EX_new* a, WOLFSSL_CRYPTO_EX_dup* b, 00958 WOLFSSL_CRYPTO_EX_free* c); 00959 #endif 00960 00961 WOLFSSL_API void wolfSSL_CTX_set_verify(WOLFSSL_CTX*, int, 00962 VerifyCallback verify_callback); 00963 00964 #ifdef OPENSSL_ALL 00965 typedef int (*CertVerifyCallback)(WOLFSSL_X509_STORE_CTX* store, void* arg); 00966 WOLFSSL_API void wolfSSL_CTX_set_cert_verify_callback(WOLFSSL_CTX* ctx, 00967 CertVerifyCallback cb, void* arg); 00968 #endif 00969 00970 WOLFSSL_API void wolfSSL_set_verify(WOLFSSL*, int, VerifyCallback verify_callback); 00971 WOLFSSL_API void wolfSSL_set_verify_result(WOLFSSL*, long); 00972 WOLFSSL_API void wolfSSL_SetCertCbCtx(WOLFSSL*, void*); 00973 00974 WOLFSSL_ABI WOLFSSL_API int wolfSSL_pending(WOLFSSL*); 00975 00976 WOLFSSL_API void wolfSSL_load_error_strings(void); 00977 WOLFSSL_API int wolfSSL_library_init(void); 00978 WOLFSSL_ABI WOLFSSL_API long wolfSSL_CTX_set_session_cache_mode(WOLFSSL_CTX*, 00979 long); 00980 00981 #ifdef HAVE_SECRET_CALLBACK 00982 typedef int (*SessionSecretCb)(WOLFSSL* ssl, void* secret, int* secretSz, 00983 void* ctx); 00984 WOLFSSL_API int wolfSSL_set_session_secret_cb(WOLFSSL*, SessionSecretCb, 00985 void*); 00986 #ifdef WOLFSSL_TLS13 00987 typedef int (*Tls13SecretCb)(WOLFSSL* ssl, int id, const unsigned char* secret, 00988 int secretSz, void* ctx); 00989 WOLFSSL_API int wolfSSL_set_tls13_secret_cb(WOLFSSL*, Tls13SecretCb, void*); 00990 #endif 00991 #endif /* HAVE_SECRET_CALLBACK */ 00992 00993 /* session cache persistence */ 00994 WOLFSSL_API int wolfSSL_save_session_cache(const char*); 00995 WOLFSSL_API int wolfSSL_restore_session_cache(const char*); 00996 WOLFSSL_API int wolfSSL_memsave_session_cache(void*, int); 00997 WOLFSSL_API int wolfSSL_memrestore_session_cache(const void*, int); 00998 WOLFSSL_API int wolfSSL_get_session_cache_memsize(void); 00999 01000 /* certificate cache persistence, uses ctx since certs are per ctx */ 01001 WOLFSSL_API int wolfSSL_CTX_save_cert_cache(WOLFSSL_CTX*, const char*); 01002 WOLFSSL_API int wolfSSL_CTX_restore_cert_cache(WOLFSSL_CTX*, const char*); 01003 WOLFSSL_API int wolfSSL_CTX_memsave_cert_cache(WOLFSSL_CTX*, void*, int, int*); 01004 WOLFSSL_API int wolfSSL_CTX_memrestore_cert_cache(WOLFSSL_CTX*, const void*, int); 01005 WOLFSSL_API int wolfSSL_CTX_get_cert_cache_memsize(WOLFSSL_CTX*); 01006 01007 /* only supports full name from cipher_name[] delimited by : */ 01008 WOLFSSL_API int wolfSSL_CTX_set_cipher_list(WOLFSSL_CTX*, const char*); 01009 WOLFSSL_API int wolfSSL_set_cipher_list(WOLFSSL*, const char*); 01010 01011 /* Nonblocking DTLS helper functions */ 01012 WOLFSSL_API void wolfSSL_dtls_set_using_nonblock(WOLFSSL*, int); 01013 WOLFSSL_API int wolfSSL_dtls_get_using_nonblock(WOLFSSL*); 01014 #define wolfSSL_set_using_nonblock wolfSSL_dtls_set_using_nonblock 01015 #define wolfSSL_get_using_nonblock wolfSSL_dtls_get_using_nonblock 01016 /* The old names are deprecated. */ 01017 WOLFSSL_API int wolfSSL_dtls_get_current_timeout(WOLFSSL* ssl); 01018 WOLFSSL_API int wolfSSL_DTLSv1_get_timeout(WOLFSSL* ssl, 01019 WOLFSSL_TIMEVAL* timeleft); 01020 WOLFSSL_API void wolfSSL_DTLSv1_set_initial_timeout_duration(WOLFSSL* ssl, 01021 word32 duration_ms); 01022 WOLFSSL_API int wolfSSL_DTLSv1_handle_timeout(WOLFSSL* ssl); 01023 01024 WOLFSSL_API int wolfSSL_dtls_set_timeout_init(WOLFSSL* ssl, int); 01025 WOLFSSL_API int wolfSSL_dtls_set_timeout_max(WOLFSSL* ssl, int); 01026 WOLFSSL_API int wolfSSL_dtls_got_timeout(WOLFSSL* ssl); 01027 WOLFSSL_API int wolfSSL_dtls_retransmit(WOLFSSL*); 01028 WOLFSSL_API int wolfSSL_dtls(WOLFSSL* ssl); 01029 01030 WOLFSSL_API int wolfSSL_dtls_set_peer(WOLFSSL*, void*, unsigned int); 01031 WOLFSSL_API int wolfSSL_dtls_get_peer(WOLFSSL*, void*, unsigned int*); 01032 01033 WOLFSSL_API int wolfSSL_CTX_dtls_set_sctp(WOLFSSL_CTX*); 01034 WOLFSSL_API int wolfSSL_dtls_set_sctp(WOLFSSL*); 01035 WOLFSSL_API int wolfSSL_CTX_dtls_set_mtu(WOLFSSL_CTX*, unsigned short); 01036 WOLFSSL_API int wolfSSL_dtls_set_mtu(WOLFSSL*, unsigned short); 01037 01038 WOLFSSL_API int wolfSSL_dtls_get_drop_stats(WOLFSSL*, 01039 unsigned int*, unsigned int*); 01040 WOLFSSL_API int wolfSSL_CTX_mcast_set_member_id(WOLFSSL_CTX*, unsigned short); 01041 WOLFSSL_API int wolfSSL_set_secret(WOLFSSL*, unsigned short, 01042 const unsigned char*, unsigned int, 01043 const unsigned char*, const unsigned char*, 01044 const unsigned char*); 01045 WOLFSSL_API int wolfSSL_mcast_read(WOLFSSL*, unsigned short*, void*, int); 01046 WOLFSSL_API int wolfSSL_mcast_peer_add(WOLFSSL*, unsigned short, int); 01047 WOLFSSL_API int wolfSSL_mcast_peer_known(WOLFSSL*, unsigned short); 01048 WOLFSSL_API int wolfSSL_mcast_get_max_peers(void); 01049 typedef int (*CallbackMcastHighwater)(unsigned short peerId, 01050 unsigned int maxSeq, 01051 unsigned int curSeq, void* ctx); 01052 WOLFSSL_API int wolfSSL_CTX_mcast_set_highwater_cb(WOLFSSL_CTX*, 01053 unsigned int, 01054 unsigned int, 01055 unsigned int, 01056 CallbackMcastHighwater); 01057 WOLFSSL_API int wolfSSL_mcast_set_highwater_ctx(WOLFSSL*, void*); 01058 01059 WOLFSSL_API int wolfSSL_ERR_GET_LIB(unsigned long err); 01060 WOLFSSL_API int wolfSSL_ERR_GET_REASON(unsigned long err); 01061 WOLFSSL_API char* wolfSSL_ERR_error_string(unsigned long,char*); 01062 WOLFSSL_API void wolfSSL_ERR_error_string_n(unsigned long e, char* buf, 01063 unsigned long sz); 01064 WOLFSSL_API const char* wolfSSL_ERR_reason_error_string(unsigned long); 01065 01066 /* extras */ 01067 01068 01069 /* for now LHASH is not implemented */ 01070 typedef int WOLFSSL_LHASH; 01071 #ifndef WOLF_LHASH_OF 01072 #define WOLF_LHASH_OF(x) WOLFSSL_LHASH 01073 #endif 01074 01075 #ifndef WOLF_STACK_OF 01076 #define WOLF_STACK_OF(x) WOLFSSL_STACK 01077 #endif 01078 #ifndef DECLARE_STACK_OF 01079 #define DECLARE_STACK_OF(x) WOLF_STACK_OF(x); 01080 #endif 01081 01082 WOLFSSL_API WOLFSSL_STACK* wolfSSL_sk_new_node(void* heap); 01083 WOLFSSL_API void wolfSSL_sk_free(WOLFSSL_STACK* sk); 01084 WOLFSSL_API void wolfSSL_sk_free_node(WOLFSSL_STACK* in); 01085 WOLFSSL_API int wolfSSL_sk_push_node(WOLFSSL_STACK** stack, WOLFSSL_STACK* in); 01086 WOLFSSL_API WOLFSSL_STACK* wolfSSL_sk_get_node(WOLFSSL_STACK* sk, int idx); 01087 WOLFSSL_API int wolfSSL_sk_push(WOLFSSL_STACK *st, const void *data); 01088 01089 #if defined(HAVE_OCSP) 01090 #include "wolfssl/ocsp.h" 01091 #include "wolfssl/wolfcrypt/asn.h " 01092 #endif 01093 01094 #if defined(OPENSSL_ALL) || defined(WOLFSSL_QT) 01095 WOLFSSL_API int wolfSSL_sk_ACCESS_DESCRIPTION_push( 01096 WOLF_STACK_OF(ACCESS_DESCRIPTION)* sk, 01097 WOLFSSL_ACCESS_DESCRIPTION* access); 01098 #endif /* defined(OPENSSL_ALL) || defined(WOLFSSL_QT) */ 01099 01100 typedef WOLF_STACK_OF(WOLFSSL_GENERAL_NAME) WOLFSSL_GENERAL_NAMES; 01101 01102 WOLFSSL_API int wolfSSL_sk_X509_push(WOLF_STACK_OF(WOLFSSL_X509_NAME)* sk, 01103 WOLFSSL_X509* x509); 01104 WOLFSSL_API WOLFSSL_X509* wolfSSL_sk_X509_pop(WOLF_STACK_OF(WOLFSSL_X509_NAME)* sk); 01105 WOLFSSL_API WOLFSSL_STACK* wolfSSL_sk_X509_dup(WOLFSSL_STACK* sk); 01106 WOLFSSL_API void wolfSSL_sk_X509_free(WOLF_STACK_OF(WOLFSSL_X509_NAME)* sk); 01107 WOLFSSL_API WOLFSSL_GENERAL_NAME* wolfSSL_GENERAL_NAME_new(void); 01108 WOLFSSL_API void wolfSSL_GENERAL_NAME_free(WOLFSSL_GENERAL_NAME* gn); 01109 WOLFSSL_API int wolfSSL_sk_GENERAL_NAME_push(WOLF_STACK_OF(WOLFSSL_GENERAL_NAME)* sk, 01110 WOLFSSL_GENERAL_NAME* gn); 01111 WOLFSSL_API WOLFSSL_GENERAL_NAME* wolfSSL_sk_GENERAL_NAME_value( 01112 WOLFSSL_STACK* sk, int i); 01113 WOLFSSL_API int wolfSSL_sk_GENERAL_NAME_num(WOLFSSL_STACK* sk); 01114 WOLFSSL_API void wolfSSL_sk_GENERAL_NAME_pop_free(WOLFSSL_STACK* sk, 01115 void (*f) (WOLFSSL_GENERAL_NAME*)); 01116 WOLFSSL_API void wolfSSL_sk_GENERAL_NAME_free(WOLFSSL_STACK* sk); 01117 WOLFSSL_API void wolfSSL_GENERAL_NAMES_free(WOLFSSL_GENERAL_NAMES* name); 01118 WOLFSSL_API int wolfSSL_sk_ACCESS_DESCRIPTION_num(WOLFSSL_STACK* sk); 01119 WOLFSSL_API void wolfSSL_AUTHORITY_INFO_ACCESS_free( 01120 WOLF_STACK_OF(WOLFSSL_ACCESS_DESCRIPTION)* sk); 01121 WOLFSSL_API WOLFSSL_ACCESS_DESCRIPTION* wolfSSL_sk_ACCESS_DESCRIPTION_value( 01122 WOLFSSL_STACK* sk, int idx); 01123 WOLFSSL_API void wolfSSL_sk_ACCESS_DESCRIPTION_free(WOLFSSL_STACK* sk); 01124 WOLFSSL_API void wolfSSL_sk_ACCESS_DESCRIPTION_pop_free(WOLFSSL_STACK* sk, 01125 void (*f) (WOLFSSL_ACCESS_DESCRIPTION*)); 01126 WOLFSSL_API void wolfSSL_ACCESS_DESCRIPTION_free(WOLFSSL_ACCESS_DESCRIPTION* access); 01127 WOLFSSL_API void wolfSSL_sk_X509_EXTENSION_pop_free( 01128 WOLF_STACK_OF(WOLFSSL_X509_EXTENSION)* sk, 01129 void (*f) (WOLFSSL_X509_EXTENSION*)); 01130 WOLFSSL_API WOLF_STACK_OF(WOLFSSL_X509_EXTENSION)* wolfSSL_sk_X509_EXTENSION_new_null(void); 01131 WOLFSSL_API WOLFSSL_ASN1_OBJECT* wolfSSL_ASN1_OBJECT_new(void); 01132 WOLFSSL_API void wolfSSL_ASN1_OBJECT_free(WOLFSSL_ASN1_OBJECT* obj); 01133 WOLFSSL_API WOLFSSL_STACK* wolfSSL_sk_new_asn1_obj(void); 01134 WOLFSSL_API int wolfSSL_sk_ASN1_OBJECT_push(WOLF_STACK_OF(WOLFSSL_ASN1_OBJEXT)* sk, 01135 WOLFSSL_ASN1_OBJECT* obj); 01136 WOLFSSL_API WOLFSSL_ASN1_OBJECT* wolfSSL_sk_ASN1_OBJECT_pop( 01137 WOLF_STACK_OF(WOLFSSL_ASN1_OBJECT)* sk); 01138 WOLFSSL_API void wolfSSL_sk_ASN1_OBJECT_free(WOLF_STACK_OF(WOLFSSL_ASN1_OBJECT)* sk); 01139 WOLFSSL_API void wolfSSL_sk_ASN1_OBJECT_pop_free( 01140 WOLF_STACK_OF(WOLFSSL_ASN1_OBJECT)* sk, 01141 void (*f)(WOLFSSL_ASN1_OBJECT*)); 01142 WOLFSSL_API int wolfSSL_ASN1_STRING_to_UTF8(unsigned char **out, WOLFSSL_ASN1_STRING *in); 01143 WOLFSSL_API int wolfSSL_sk_X509_EXTENSION_num(WOLF_STACK_OF(WOLFSSL_X509_EXTENSION)* sk); 01144 WOLFSSL_API WOLFSSL_X509_EXTENSION* wolfSSL_sk_X509_EXTENSION_value( 01145 WOLF_STACK_OF(WOLFSSL_X509_EXTENSION)* sk, int idx); 01146 WOLFSSL_API int wolfSSL_set_ex_data(WOLFSSL*, int, void*); 01147 WOLFSSL_API int wolfSSL_get_shutdown(const WOLFSSL*); 01148 WOLFSSL_API int wolfSSL_set_rfd(WOLFSSL*, int); 01149 WOLFSSL_API int wolfSSL_set_wfd(WOLFSSL*, int); 01150 WOLFSSL_API void wolfSSL_set_shutdown(WOLFSSL*, int); 01151 WOLFSSL_API int wolfSSL_set_session_id_context(WOLFSSL*, const unsigned char*, 01152 unsigned int); 01153 WOLFSSL_API void wolfSSL_set_connect_state(WOLFSSL*); 01154 WOLFSSL_API void wolfSSL_set_accept_state(WOLFSSL*); 01155 WOLFSSL_API int wolfSSL_session_reused(WOLFSSL*); 01156 WOLFSSL_API WOLFSSL_SESSION* wolfSSL_SESSION_dup(WOLFSSL_SESSION* session); 01157 WOLFSSL_API void wolfSSL_SESSION_free(WOLFSSL_SESSION* session); 01158 WOLFSSL_API int wolfSSL_is_init_finished(WOLFSSL*); 01159 01160 WOLFSSL_API const char* wolfSSL_get_version(WOLFSSL*); 01161 WOLFSSL_API int wolfSSL_get_current_cipher_suite(WOLFSSL* ssl); 01162 WOLFSSL_API WOLFSSL_CIPHER* wolfSSL_get_current_cipher(WOLFSSL*); 01163 WOLFSSL_API char* wolfSSL_CIPHER_description(const WOLFSSL_CIPHER*, char*, int); 01164 WOLFSSL_API const char* wolfSSL_CIPHER_get_name(const WOLFSSL_CIPHER* cipher); 01165 WOLFSSL_API const char* wolfSSL_CIPHER_get_version(const WOLFSSL_CIPHER* cipher); 01166 WOLFSSL_API word32 wolfSSL_CIPHER_get_id(const WOLFSSL_CIPHER* cipher); 01167 WOLFSSL_API const WOLFSSL_CIPHER* wolfSSL_get_cipher_by_value(word16 value); 01168 WOLFSSL_API const char* wolfSSL_SESSION_CIPHER_get_name(WOLFSSL_SESSION* session); 01169 WOLFSSL_API const char* wolfSSL_get_cipher(WOLFSSL*); 01170 WOLFSSL_API void wolfSSL_sk_CIPHER_free(WOLF_STACK_OF(WOLFSSL_CIPHER)* sk); 01171 WOLFSSL_API WOLFSSL_SESSION* wolfSSL_get1_session(WOLFSSL* ssl); 01172 /* what's ref count */ 01173 01174 WOLFSSL_API WOLFSSL_X509* wolfSSL_X509_new(void); 01175 #if defined(OPENSSL_EXTRA_X509_SMALL) || defined(OPENSSL_ALL) 01176 WOLFSSL_API int wolfSSL_RSA_up_ref(WOLFSSL_RSA* rsa); 01177 WOLFSSL_API int wolfSSL_X509_up_ref(WOLFSSL_X509* x509); 01178 WOLFSSL_API int wolfSSL_EVP_PKEY_up_ref(WOLFSSL_EVP_PKEY* pkey); 01179 #endif 01180 01181 WOLFSSL_API int wolfSSL_OCSP_parse_url(char* url, char** host, char** port, 01182 char** path, int* ssl); 01183 01184 WOLFSSL_API WOLFSSL_METHOD* wolfSSLv23_client_method(void); 01185 WOLFSSL_API WOLFSSL_METHOD* wolfSSLv2_client_method(void); 01186 WOLFSSL_API WOLFSSL_METHOD* wolfSSLv2_server_method(void); 01187 01188 WOLFSSL_API WOLFSSL_BIO* wolfSSL_BIO_new(WOLFSSL_BIO_METHOD*); 01189 WOLFSSL_API int wolfSSL_BIO_free(WOLFSSL_BIO*); 01190 WOLFSSL_API void wolfSSL_BIO_vfree(WOLFSSL_BIO*); 01191 WOLFSSL_API int wolfSSL_BIO_free_all(WOLFSSL_BIO*); 01192 WOLFSSL_API int wolfSSL_BIO_gets(WOLFSSL_BIO* bio, char* buf, int sz); 01193 WOLFSSL_API int wolfSSL_BIO_puts(WOLFSSL_BIO* bio, const char* buf); 01194 WOLFSSL_API WOLFSSL_BIO* wolfSSL_BIO_next(WOLFSSL_BIO* bio); 01195 WOLFSSL_API WOLFSSL_BIO* wolfSSL_BIO_find_type(WOLFSSL_BIO* bio, int type); 01196 WOLFSSL_API int wolfSSL_BIO_read(WOLFSSL_BIO*, void*, int); 01197 WOLFSSL_API int wolfSSL_BIO_write(WOLFSSL_BIO*, const void*, int); 01198 WOLFSSL_API WOLFSSL_BIO* wolfSSL_BIO_push(WOLFSSL_BIO*, WOLFSSL_BIO* append); 01199 WOLFSSL_API WOLFSSL_BIO* wolfSSL_BIO_pop(WOLFSSL_BIO*); 01200 WOLFSSL_API int wolfSSL_BIO_flush(WOLFSSL_BIO*); 01201 WOLFSSL_API int wolfSSL_BIO_pending(WOLFSSL_BIO*); 01202 WOLFSSL_API void wolfSSL_BIO_set_callback(WOLFSSL_BIO *bio, 01203 wolf_bio_info_cb callback_func); 01204 WOLFSSL_API wolf_bio_info_cb wolfSSL_BIO_get_callback(WOLFSSL_BIO *bio); 01205 WOLFSSL_API void wolfSSL_BIO_set_callback_arg(WOLFSSL_BIO *bio, char *arg); 01206 WOLFSSL_API char* wolfSSL_BIO_get_callback_arg(const WOLFSSL_BIO *bio); 01207 01208 WOLFSSL_API WOLFSSL_BIO_METHOD* wolfSSL_BIO_f_md(void); 01209 WOLFSSL_API int wolfSSL_BIO_get_md_ctx(WOLFSSL_BIO *bio, 01210 WOLFSSL_EVP_MD_CTX **mdcp); 01211 01212 WOLFSSL_API WOLFSSL_BIO_METHOD* wolfSSL_BIO_f_buffer(void); 01213 WOLFSSL_API long wolfSSL_BIO_set_write_buffer_size(WOLFSSL_BIO*, long size); 01214 WOLFSSL_API WOLFSSL_BIO_METHOD* wolfSSL_BIO_f_ssl(void); 01215 WOLFSSL_API WOLFSSL_BIO* wolfSSL_BIO_new_socket(int sfd, int flag); 01216 WOLFSSL_API int wolfSSL_BIO_eof(WOLFSSL_BIO*); 01217 01218 WOLFSSL_API WOLFSSL_BIO_METHOD* wolfSSL_BIO_s_mem(void); 01219 WOLFSSL_API WOLFSSL_BIO_METHOD* wolfSSL_BIO_f_base64(void); 01220 WOLFSSL_API void wolfSSL_BIO_set_flags(WOLFSSL_BIO*, int); 01221 WOLFSSL_API void wolfSSL_BIO_clear_flags(WOLFSSL_BIO *bio, int flags); 01222 WOLFSSL_API int wolfSSL_BIO_set_ex_data(WOLFSSL_BIO *bio, int idx, void *data); 01223 WOLFSSL_API void *wolfSSL_BIO_get_ex_data(WOLFSSL_BIO *bio, int idx); 01224 WOLFSSL_API long wolfSSL_BIO_set_nbio(WOLFSSL_BIO*, long); 01225 01226 WOLFSSL_API int wolfSSL_BIO_get_mem_data(WOLFSSL_BIO* bio,void* p); 01227 01228 WOLFSSL_API void wolfSSL_BIO_set_init(WOLFSSL_BIO*, int); 01229 WOLFSSL_API void wolfSSL_BIO_set_data(WOLFSSL_BIO*, void*); 01230 WOLFSSL_API void* wolfSSL_BIO_get_data(WOLFSSL_BIO*); 01231 WOLFSSL_API void wolfSSL_BIO_set_shutdown(WOLFSSL_BIO*, int); 01232 WOLFSSL_API int wolfSSL_BIO_get_shutdown(WOLFSSL_BIO*); 01233 WOLFSSL_API void wolfSSL_BIO_clear_retry_flags(WOLFSSL_BIO*); 01234 WOLFSSL_API int wolfSSL_BIO_should_retry(WOLFSSL_BIO *bio); 01235 01236 WOLFSSL_API WOLFSSL_BIO_METHOD *wolfSSL_BIO_meth_new(int, const char*); 01237 WOLFSSL_API void wolfSSL_BIO_meth_free(WOLFSSL_BIO_METHOD*); 01238 WOLFSSL_API int wolfSSL_BIO_meth_set_write(WOLFSSL_BIO_METHOD*, wolfSSL_BIO_meth_write_cb); 01239 WOLFSSL_API int wolfSSL_BIO_meth_set_read(WOLFSSL_BIO_METHOD*, wolfSSL_BIO_meth_read_cb); 01240 WOLFSSL_API int wolfSSL_BIO_meth_set_puts(WOLFSSL_BIO_METHOD*, wolfSSL_BIO_meth_puts_cb); 01241 WOLFSSL_API int wolfSSL_BIO_meth_set_gets(WOLFSSL_BIO_METHOD*, wolfSSL_BIO_meth_gets_cb); 01242 WOLFSSL_API int wolfSSL_BIO_meth_set_ctrl(WOLFSSL_BIO_METHOD*, wolfSSL_BIO_meth_ctrl_get_cb); 01243 WOLFSSL_API int wolfSSL_BIO_meth_set_create(WOLFSSL_BIO_METHOD*, wolfSSL_BIO_meth_create_cb); 01244 WOLFSSL_API int wolfSSL_BIO_meth_set_destroy(WOLFSSL_BIO_METHOD*, wolfSSL_BIO_meth_destroy_cb); 01245 WOLFSSL_API WOLFSSL_BIO* wolfSSL_BIO_new_mem_buf(const void* buf, int len); 01246 01247 WOLFSSL_API long wolfSSL_BIO_set_ssl(WOLFSSL_BIO*, WOLFSSL*, int flag); 01248 #ifndef NO_FILESYSTEM 01249 WOLFSSL_API long wolfSSL_BIO_set_fd(WOLFSSL_BIO* b, int fd, int flag); 01250 #endif 01251 WOLFSSL_API int wolfSSL_BIO_set_close(WOLFSSL_BIO *b, long flag); 01252 WOLFSSL_API void wolfSSL_set_bio(WOLFSSL*, WOLFSSL_BIO* rd, WOLFSSL_BIO* wr); 01253 01254 #ifndef NO_FILESYSTEM 01255 WOLFSSL_API WOLFSSL_BIO_METHOD *wolfSSL_BIO_s_file(void); 01256 #endif 01257 01258 WOLFSSL_API WOLFSSL_BIO_METHOD *wolfSSL_BIO_s_bio(void); 01259 WOLFSSL_API WOLFSSL_BIO_METHOD *wolfSSL_BIO_s_socket(void); 01260 01261 WOLFSSL_API long wolfSSL_BIO_ctrl(WOLFSSL_BIO *bp, int cmd, long larg, void *parg); 01262 WOLFSSL_API long wolfSSL_BIO_int_ctrl(WOLFSSL_BIO *bp, int cmd, long larg, int iarg); 01263 01264 WOLFSSL_API int wolfSSL_BIO_set_write_buf_size(WOLFSSL_BIO *b, long size); 01265 WOLFSSL_API int wolfSSL_BIO_make_bio_pair(WOLFSSL_BIO *b1, WOLFSSL_BIO *b2); 01266 WOLFSSL_API int wolfSSL_BIO_ctrl_reset_read_request(WOLFSSL_BIO *b); 01267 WOLFSSL_API int wolfSSL_BIO_nread0(WOLFSSL_BIO *bio, char **buf); 01268 WOLFSSL_API int wolfSSL_BIO_nread(WOLFSSL_BIO *bio, char **buf, int num); 01269 WOLFSSL_API int wolfSSL_BIO_nwrite(WOLFSSL_BIO *bio, char **buf, int num); 01270 WOLFSSL_API int wolfSSL_BIO_reset(WOLFSSL_BIO *bio); 01271 01272 WOLFSSL_API int wolfSSL_BIO_seek(WOLFSSL_BIO *bio, int ofs); 01273 WOLFSSL_API int wolfSSL_BIO_write_filename(WOLFSSL_BIO *bio, char *name); 01274 WOLFSSL_API long wolfSSL_BIO_set_mem_eof_return(WOLFSSL_BIO *bio, int v); 01275 WOLFSSL_API long wolfSSL_BIO_get_mem_ptr(WOLFSSL_BIO *bio, WOLFSSL_BUF_MEM **m); 01276 WOLFSSL_API int wolfSSL_BIO_get_len(WOLFSSL_BIO *bio); 01277 01278 WOLFSSL_API void wolfSSL_RAND_screen(void); 01279 WOLFSSL_API const char* wolfSSL_RAND_file_name(char*, unsigned long); 01280 WOLFSSL_API int wolfSSL_RAND_write_file(const char*); 01281 WOLFSSL_API int wolfSSL_RAND_load_file(const char*, long); 01282 WOLFSSL_API int wolfSSL_RAND_egd(const char*); 01283 WOLFSSL_API int wolfSSL_RAND_seed(const void*, int); 01284 WOLFSSL_API void wolfSSL_RAND_Cleanup(void); 01285 WOLFSSL_API void wolfSSL_RAND_add(const void*, int, double); 01286 WOLFSSL_API int wolfSSL_RAND_poll(void); 01287 01288 WOLFSSL_API WOLFSSL_COMP_METHOD* wolfSSL_COMP_zlib(void); 01289 WOLFSSL_API WOLFSSL_COMP_METHOD* wolfSSL_COMP_rle(void); 01290 WOLFSSL_API int wolfSSL_COMP_add_compression_method(int, void*); 01291 01292 WOLFSSL_API unsigned long wolfSSL_thread_id(void); 01293 WOLFSSL_API void wolfSSL_set_id_callback(unsigned long (*f)(void)); 01294 WOLFSSL_API void wolfSSL_set_locking_callback(void (*f)(int, int, const char*, 01295 int)); 01296 WOLFSSL_API void wolfSSL_set_dynlock_create_callback(WOLFSSL_dynlock_value* (*f) 01297 (const char*, int)); 01298 WOLFSSL_API void wolfSSL_set_dynlock_lock_callback(void (*f)(int, 01299 WOLFSSL_dynlock_value*, const char*, int)); 01300 WOLFSSL_API void wolfSSL_set_dynlock_destroy_callback(void (*f) 01301 (WOLFSSL_dynlock_value*, const char*, int)); 01302 WOLFSSL_API int wolfSSL_num_locks(void); 01303 01304 WOLFSSL_API WOLFSSL_X509* wolfSSL_X509_STORE_CTX_get_current_cert( 01305 WOLFSSL_X509_STORE_CTX*); 01306 WOLFSSL_API int wolfSSL_X509_STORE_CTX_get_error(WOLFSSL_X509_STORE_CTX*); 01307 WOLFSSL_API int wolfSSL_X509_STORE_CTX_get_error_depth(WOLFSSL_X509_STORE_CTX*); 01308 01309 WOLFSSL_API void wolfSSL_X509_STORE_CTX_set_verify_cb(WOLFSSL_X509_STORE_CTX *ctx, 01310 WOLFSSL_X509_STORE_CTX_verify_cb verify_cb); 01311 WOLFSSL_API void wolfSSL_X509_STORE_set_verify_cb(WOLFSSL_X509_STORE *st, 01312 WOLFSSL_X509_STORE_CTX_verify_cb verify_cb); 01313 WOLFSSL_API int wolfSSL_i2d_X509_NAME(WOLFSSL_X509_NAME* n, 01314 unsigned char** out); 01315 #ifndef NO_RSA 01316 WOLFSSL_API int wolfSSL_RSA_print(WOLFSSL_BIO* bio, WOLFSSL_RSA* rsa, int offset); 01317 #endif 01318 WOLFSSL_API int wolfSSL_X509_print_ex(WOLFSSL_BIO* bio, WOLFSSL_X509* x509, 01319 unsigned long nmflags, unsigned long cflag); 01320 WOLFSSL_API int wolfSSL_X509_print(WOLFSSL_BIO* bio, WOLFSSL_X509* x509); 01321 WOLFSSL_ABI WOLFSSL_API char* wolfSSL_X509_NAME_oneline(WOLFSSL_X509_NAME*, 01322 char*, int); 01323 #if defined(OPENSSL_EXTRA) && defined(XSNPRINTF) 01324 WOLFSSL_API char* wolfSSL_X509_get_name_oneline(WOLFSSL_X509_NAME*, char*, int); 01325 #endif 01326 WOLFSSL_ABI WOLFSSL_API WOLFSSL_X509_NAME* wolfSSL_X509_get_issuer_name( 01327 WOLFSSL_X509*); 01328 WOLFSSL_ABI WOLFSSL_API WOLFSSL_X509_NAME* wolfSSL_X509_get_subject_name( 01329 WOLFSSL_X509*); 01330 WOLFSSL_API int wolfSSL_X509_ext_isSet_by_NID(WOLFSSL_X509*, int); 01331 WOLFSSL_API int wolfSSL_X509_ext_get_critical_by_NID(WOLFSSL_X509*, int); 01332 WOLFSSL_API int wolfSSL_X509_get_isCA(WOLFSSL_X509*); 01333 WOLFSSL_API int wolfSSL_X509_get_isSet_pathLength(WOLFSSL_X509*); 01334 WOLFSSL_API unsigned int wolfSSL_X509_get_pathLength(WOLFSSL_X509*); 01335 WOLFSSL_API unsigned int wolfSSL_X509_get_keyUsage(WOLFSSL_X509*); 01336 WOLFSSL_API unsigned char* wolfSSL_X509_get_authorityKeyID( 01337 WOLFSSL_X509*, unsigned char*, int*); 01338 WOLFSSL_API unsigned char* wolfSSL_X509_get_subjectKeyID( 01339 WOLFSSL_X509*, unsigned char*, int*); 01340 01341 WOLFSSL_API int wolfSSL_X509_verify(WOLFSSL_X509* x509, WOLFSSL_EVP_PKEY* pkey); 01342 WOLFSSL_API int wolfSSL_X509_set_subject_name(WOLFSSL_X509*, 01343 WOLFSSL_X509_NAME*); 01344 WOLFSSL_API int wolfSSL_X509_set_issuer_name(WOLFSSL_X509*, 01345 WOLFSSL_X509_NAME*); 01346 WOLFSSL_API int wolfSSL_X509_set_pubkey(WOLFSSL_X509*, WOLFSSL_EVP_PKEY*); 01347 WOLFSSL_API int wolfSSL_X509_set_notAfter(WOLFSSL_X509* x509, 01348 const WOLFSSL_ASN1_TIME* t); 01349 WOLFSSL_API int wolfSSL_X509_set_notBefore(WOLFSSL_X509* x509, 01350 const WOLFSSL_ASN1_TIME* t); 01351 WOLFSSL_API WOLFSSL_ASN1_TIME* wolfSSL_X509_get_notBefore(const WOLFSSL_X509* x509); 01352 WOLFSSL_API WOLFSSL_ASN1_TIME* wolfSSL_X509_get_notAfter(const WOLFSSL_X509* x509); 01353 WOLFSSL_API int wolfSSL_X509_set_serialNumber(WOLFSSL_X509* x509, 01354 WOLFSSL_ASN1_INTEGER* s); 01355 WOLFSSL_API int wolfSSL_X509_set_version(WOLFSSL_X509* x509, long v); 01356 WOLFSSL_API int wolfSSL_X509_sign(WOLFSSL_X509* x509, WOLFSSL_EVP_PKEY* pkey, 01357 const WOLFSSL_EVP_MD* md); 01358 01359 01360 WOLFSSL_API int wolfSSL_X509_NAME_entry_count(WOLFSSL_X509_NAME*); 01361 WOLFSSL_API int wolfSSL_X509_NAME_get_text_by_NID( 01362 WOLFSSL_X509_NAME*, int, char*, int); 01363 WOLFSSL_API int wolfSSL_X509_NAME_get_index_by_NID( 01364 WOLFSSL_X509_NAME*, int, int); 01365 WOLFSSL_API WOLFSSL_ASN1_STRING* wolfSSL_X509_NAME_ENTRY_get_data(WOLFSSL_X509_NAME_ENTRY*); 01366 01367 WOLFSSL_API WOLFSSL_ASN1_STRING* wolfSSL_ASN1_STRING_new(void); 01368 WOLFSSL_API WOLFSSL_ASN1_STRING* wolfSSL_ASN1_STRING_type_new(int type); 01369 WOLFSSL_API int wolfSSL_ASN1_STRING_type(const WOLFSSL_ASN1_STRING* asn1); 01370 WOLFSSL_API WOLFSSL_ASN1_STRING* wolfSSL_d2i_DISPLAYTEXT(WOLFSSL_ASN1_STRING **asn, const unsigned char **in, long len); 01371 WOLFSSL_API void wolfSSL_ASN1_STRING_free(WOLFSSL_ASN1_STRING* asn1); 01372 WOLFSSL_API int wolfSSL_ASN1_STRING_set(WOLFSSL_ASN1_STRING* asn1, 01373 const void* data, int dataSz); 01374 WOLFSSL_API unsigned char* wolfSSL_ASN1_STRING_data(WOLFSSL_ASN1_STRING*); 01375 WOLFSSL_API int wolfSSL_ASN1_STRING_length(WOLFSSL_ASN1_STRING*); 01376 WOLFSSL_API int wolfSSL_X509_verify_cert(WOLFSSL_X509_STORE_CTX*); 01377 WOLFSSL_API const char* wolfSSL_X509_verify_cert_error_string(long); 01378 WOLFSSL_API int wolfSSL_X509_get_signature_type(WOLFSSL_X509*); 01379 WOLFSSL_API int wolfSSL_X509_get_signature(WOLFSSL_X509*, unsigned char*, int*); 01380 WOLFSSL_API int wolfSSL_X509_get_pubkey_buffer(WOLFSSL_X509*, unsigned char*, 01381 int*); 01382 WOLFSSL_API int wolfSSL_X509_get_pubkey_type(WOLFSSL_X509* x509); 01383 01384 WOLFSSL_API int wolfSSL_X509_LOOKUP_add_dir(WOLFSSL_X509_LOOKUP*,const char*,long); 01385 WOLFSSL_API int wolfSSL_X509_LOOKUP_load_file(WOLFSSL_X509_LOOKUP*, const char*, 01386 long); 01387 WOLFSSL_API WOLFSSL_X509_LOOKUP_METHOD* wolfSSL_X509_LOOKUP_hash_dir(void); 01388 WOLFSSL_API WOLFSSL_X509_LOOKUP_METHOD* wolfSSL_X509_LOOKUP_file(void); 01389 01390 WOLFSSL_API WOLFSSL_X509_LOOKUP* wolfSSL_X509_STORE_add_lookup(WOLFSSL_X509_STORE*, 01391 WOLFSSL_X509_LOOKUP_METHOD*); 01392 WOLFSSL_API WOLFSSL_X509_STORE* wolfSSL_X509_STORE_new(void); 01393 WOLFSSL_API void wolfSSL_X509_STORE_free(WOLFSSL_X509_STORE*); 01394 WOLFSSL_API int wolfSSL_X509_STORE_add_cert( 01395 WOLFSSL_X509_STORE*, WOLFSSL_X509*); 01396 WOLFSSL_API WOLFSSL_STACK* wolfSSL_X509_STORE_CTX_get_chain( 01397 WOLFSSL_X509_STORE_CTX* ctx); 01398 WOLFSSL_API WOLFSSL_STACK* wolfSSL_X509_STORE_CTX_get1_chain( 01399 WOLFSSL_X509_STORE_CTX* ctx); 01400 WOLFSSL_API int wolfSSL_X509_STORE_set_flags(WOLFSSL_X509_STORE* store, 01401 unsigned long flag); 01402 WOLFSSL_API int wolfSSL_X509_STORE_set_default_paths(WOLFSSL_X509_STORE*); 01403 WOLFSSL_API int wolfSSL_X509_STORE_get_by_subject(WOLFSSL_X509_STORE_CTX*, 01404 int, WOLFSSL_X509_NAME*, WOLFSSL_X509_OBJECT*); 01405 WOLFSSL_API WOLFSSL_X509_STORE_CTX* wolfSSL_X509_STORE_CTX_new(void); 01406 WOLFSSL_API int wolfSSL_X509_STORE_CTX_init(WOLFSSL_X509_STORE_CTX*, 01407 WOLFSSL_X509_STORE*, WOLFSSL_X509*, WOLF_STACK_OF(WOLFSSL_X509)*); 01408 WOLFSSL_API void wolfSSL_X509_STORE_CTX_free(WOLFSSL_X509_STORE_CTX*); 01409 WOLFSSL_API void wolfSSL_X509_STORE_CTX_cleanup(WOLFSSL_X509_STORE_CTX*); 01410 01411 WOLFSSL_API WOLFSSL_ASN1_TIME* wolfSSL_X509_CRL_get_lastUpdate(WOLFSSL_X509_CRL*); 01412 WOLFSSL_API WOLFSSL_ASN1_TIME* wolfSSL_X509_CRL_get_nextUpdate(WOLFSSL_X509_CRL*); 01413 WOLFSSL_ASN1_TIME* wolfSSL_X509_gmtime_adj(WOLFSSL_ASN1_TIME *s, long adj); 01414 01415 WOLFSSL_API WOLFSSL_EVP_PKEY* wolfSSL_X509_get_pubkey(WOLFSSL_X509*); 01416 WOLFSSL_API int wolfSSL_X509_CRL_verify(WOLFSSL_X509_CRL*, WOLFSSL_EVP_PKEY*); 01417 WOLFSSL_API void wolfSSL_X509_OBJECT_free_contents(WOLFSSL_X509_OBJECT*); 01418 WOLFSSL_API WOLFSSL_PKCS8_PRIV_KEY_INFO* wolfSSL_d2i_PKCS8_PKEY_bio( 01419 WOLFSSL_BIO* bio, WOLFSSL_PKCS8_PRIV_KEY_INFO** pkey); 01420 WOLFSSL_API WOLFSSL_EVP_PKEY* wolfSSL_d2i_PUBKEY_bio(WOLFSSL_BIO* bio, 01421 WOLFSSL_EVP_PKEY** out); 01422 WOLFSSL_API WOLFSSL_EVP_PKEY* wolfSSL_d2i_PUBKEY(WOLFSSL_EVP_PKEY** key, 01423 const unsigned char** in, long inSz); 01424 WOLFSSL_API WOLFSSL_EVP_PKEY* wolfSSL_d2i_PrivateKey(int type, 01425 WOLFSSL_EVP_PKEY** out, const unsigned char **in, long inSz); 01426 WOLFSSL_API WOLFSSL_EVP_PKEY* wolfSSL_d2i_PrivateKey_EVP(WOLFSSL_EVP_PKEY** key, 01427 unsigned char** in, long inSz); 01428 WOLFSSL_API int wolfSSL_i2d_PrivateKey(WOLFSSL_EVP_PKEY* key, 01429 unsigned char** der); 01430 WOLFSSL_API int wolfSSL_X509_cmp_current_time(const WOLFSSL_ASN1_TIME*); 01431 #ifdef OPENSSL_EXTRA 01432 WOLFSSL_API int wolfSSL_X509_cmp_time(const WOLFSSL_ASN1_TIME* asnTime, 01433 time_t *cmpTime); 01434 WOLFSSL_API WOLFSSL_ASN1_TIME *wolfSSL_X509_time_adj_ex(WOLFSSL_ASN1_TIME *asnTime, 01435 int offset_day, long offset_sec, time_t *in_tm); 01436 WOLFSSL_API WOLFSSL_ASN1_TIME *wolfSSL_X509_time_adj(WOLFSSL_ASN1_TIME *asnTime, 01437 long offset_sec, time_t *in_tm); 01438 WOLFSSL_API int wolfSSL_sk_X509_REVOKED_num(WOLFSSL_X509_REVOKED*); 01439 WOLFSSL_API void wolfSSL_X509_STORE_CTX_set_time(WOLFSSL_X509_STORE_CTX*, 01440 unsigned long flags, 01441 time_t t); 01442 WOLFSSL_API void wolfSSL_X509_VERIFY_PARAM_set_hostflags( 01443 WOLFSSL_X509_VERIFY_PARAM* param, unsigned int flags); 01444 WOLFSSL_API int wolfSSL_X509_VERIFY_PARAM_set1_host(WOLFSSL_X509_VERIFY_PARAM* pParam, 01445 const char* name, 01446 unsigned int nameSz); 01447 WOLFSSL_API int wolfSSL_X509_VERIFY_PARAM_set1_ip_asc( 01448 WOLFSSL_X509_VERIFY_PARAM *param, const char *ipasc); 01449 #endif 01450 WOLFSSL_API WOLFSSL_X509_REVOKED* wolfSSL_X509_CRL_get_REVOKED(WOLFSSL_X509_CRL*); 01451 WOLFSSL_API WOLFSSL_X509_REVOKED* wolfSSL_sk_X509_REVOKED_value( 01452 WOLFSSL_X509_REVOKED*,int); 01453 WOLFSSL_API WOLFSSL_ASN1_INTEGER* wolfSSL_X509_get_serialNumber(WOLFSSL_X509*); 01454 WOLFSSL_API void wolfSSL_ASN1_INTEGER_free(WOLFSSL_ASN1_INTEGER*); 01455 WOLFSSL_API WOLFSSL_ASN1_INTEGER* wolfSSL_ASN1_INTEGER_new(void); 01456 WOLFSSL_API WOLFSSL_ASN1_INTEGER* wolfSSL_ASN1_INTEGER_dup( 01457 const WOLFSSL_ASN1_INTEGER* src); 01458 WOLFSSL_API int wolfSSL_ASN1_INTEGER_set(WOLFSSL_ASN1_INTEGER *a, long v); 01459 01460 WOLFSSL_API int wolfSSL_ASN1_TIME_print(WOLFSSL_BIO*, const WOLFSSL_ASN1_TIME*); 01461 01462 WOLFSSL_API char* wolfSSL_ASN1_TIME_to_string(WOLFSSL_ASN1_TIME* t, 01463 char* buf, int len); 01464 WOLFSSL_API int wolfSSL_ASN1_INTEGER_cmp(const WOLFSSL_ASN1_INTEGER*, 01465 const WOLFSSL_ASN1_INTEGER*); 01466 WOLFSSL_API long wolfSSL_ASN1_INTEGER_get(const WOLFSSL_ASN1_INTEGER*); 01467 01468 #ifdef OPENSSL_EXTRA 01469 WOLFSSL_API WOLFSSL_BIGNUM *wolfSSL_ASN1_INTEGER_to_BN(const WOLFSSL_ASN1_INTEGER *ai, 01470 WOLFSSL_BIGNUM *bn); 01471 WOLFSSL_API WOLFSSL_ASN1_TIME* wolfSSL_ASN1_TIME_adj(WOLFSSL_ASN1_TIME*, time_t, 01472 int, long); 01473 WOLFSSL_API WOLFSSL_ASN1_TIME* wolfSSL_ASN1_TIME_new(void); 01474 WOLFSSL_API void wolfSSL_ASN1_TIME_free(WOLFSSL_ASN1_TIME* t); 01475 #endif 01476 01477 WOLFSSL_API WOLF_STACK_OF(WOLFSSL_X509_NAME)* wolfSSL_load_client_CA_file(const char*); 01478 WOLFSSL_API WOLF_STACK_OF(WOLFSSL_X509_NAME)* wolfSSL_CTX_get_client_CA_list( 01479 const WOLFSSL_CTX *s); 01480 /* deprecated function name */ 01481 #define wolfSSL_SSL_CTX_get_client_CA_list wolfSSL_CTX_get_client_CA_list 01482 01483 WOLFSSL_API void wolfSSL_CTX_set_client_CA_list(WOLFSSL_CTX*, 01484 WOLF_STACK_OF(WOLFSSL_X509_NAME)*); 01485 WOLFSSL_API WOLF_STACK_OF(WOLFSSL_X509_NAME)* wolfSSL_get_client_CA_list( 01486 const WOLFSSL* ssl); 01487 01488 typedef int (*client_cert_cb)(WOLFSSL *ssl, WOLFSSL_X509 **x509, 01489 WOLFSSL_EVP_PKEY **pkey); 01490 WOLFSSL_API void wolfSSL_CTX_set_client_cert_cb(WOLFSSL_CTX *ctx, client_cert_cb); 01491 01492 WOLFSSL_API void* wolfSSL_X509_STORE_CTX_get_ex_data( 01493 WOLFSSL_X509_STORE_CTX* ctx, int idx); 01494 WOLFSSL_API int wolfSSL_X509_STORE_CTX_set_ex_data(WOLFSSL_X509_STORE_CTX* ctx, 01495 int idx, void *data); 01496 WOLFSSL_API void wolfSSL_X509_STORE_CTX_set_depth(WOLFSSL_X509_STORE_CTX* ctx, 01497 int depth); 01498 WOLFSSL_API WOLFSSL_X509* wolfSSL_X509_STORE_CTX_get0_current_issuer( 01499 WOLFSSL_X509_STORE_CTX* ctx); 01500 WOLFSSL_API WOLFSSL_X509_STORE* wolfSSL_X509_STORE_CTX_get0_store( 01501 WOLFSSL_X509_STORE_CTX* ctx); 01502 WOLFSSL_API WOLFSSL_X509* wolfSSL_X509_STORE_CTX_get0_cert( 01503 WOLFSSL_X509_STORE_CTX*); 01504 WOLFSSL_API int wolfSSL_get_ex_data_X509_STORE_CTX_idx(void); 01505 WOLFSSL_API void wolfSSL_X509_STORE_CTX_set_error( 01506 WOLFSSL_X509_STORE_CTX* ctx, int er); 01507 void wolfSSL_X509_STORE_CTX_set_error_depth(WOLFSSL_X509_STORE_CTX* ctx, 01508 int depth); 01509 WOLFSSL_API void* wolfSSL_get_ex_data(const WOLFSSL*, int); 01510 01511 WOLFSSL_API void wolfSSL_CTX_set_default_passwd_cb_userdata(WOLFSSL_CTX*, 01512 void* userdata); 01513 WOLFSSL_API void wolfSSL_CTX_set_default_passwd_cb(WOLFSSL_CTX*, 01514 pem_password_cb*); 01515 WOLFSSL_API pem_password_cb* wolfSSL_CTX_get_default_passwd_cb(WOLFSSL_CTX *ctx); 01516 WOLFSSL_API void *wolfSSL_CTX_get_default_passwd_cb_userdata(WOLFSSL_CTX *ctx); 01517 01518 WOLFSSL_API void wolfSSL_CTX_set_info_callback(WOLFSSL_CTX*, 01519 void (*)(const WOLFSSL* ssl, int type, int val)); 01520 01521 WOLFSSL_API unsigned long wolfSSL_ERR_peek_error(void); 01522 WOLFSSL_API int wolfSSL_GET_REASON(int); 01523 01524 WOLFSSL_API const char* wolfSSL_alert_type_string_long(int); 01525 WOLFSSL_API const char* wolfSSL_alert_desc_string_long(int); 01526 WOLFSSL_API const char* wolfSSL_state_string_long(const WOLFSSL*); 01527 01528 WOLFSSL_API WOLFSSL_RSA* wolfSSL_RSA_generate_key(int, unsigned long, 01529 void(*)(int, int, void*), void*); 01530 WOLFSSL_API WOLFSSL_RSA *wolfSSL_d2i_RSAPublicKey(WOLFSSL_RSA **r, 01531 const unsigned char **pp, long len); 01532 WOLFSSL_API WOLFSSL_RSA *wolfSSL_d2i_RSAPrivateKey(WOLFSSL_RSA**, 01533 const unsigned char**, long); 01534 WOLFSSL_API int wolfSSL_i2d_RSAPublicKey(WOLFSSL_RSA *r, const unsigned char **pp); 01535 WOLFSSL_API int wolfSSL_i2d_RSAPrivateKey(WOLFSSL_RSA *r, unsigned char **pp); 01536 WOLFSSL_API void wolfSSL_CTX_set_tmp_rsa_callback(WOLFSSL_CTX *, 01537 WOLFSSL_RSA *(*)(WOLFSSL *, int, int)); 01538 01539 WOLFSSL_API int wolfSSL_PEM_def_callback(char*, int num, int w, void* key); 01540 01541 WOLFSSL_API long wolfSSL_CTX_sess_accept(WOLFSSL_CTX*); 01542 WOLFSSL_API long wolfSSL_CTX_sess_connect(WOLFSSL_CTX*); 01543 WOLFSSL_API long wolfSSL_CTX_sess_accept_good(WOLFSSL_CTX*); 01544 WOLFSSL_API long wolfSSL_CTX_sess_connect_good(WOLFSSL_CTX*); 01545 WOLFSSL_API long wolfSSL_CTX_sess_accept_renegotiate(WOLFSSL_CTX*); 01546 WOLFSSL_API long wolfSSL_CTX_sess_connect_renegotiate(WOLFSSL_CTX*); 01547 WOLFSSL_API long wolfSSL_CTX_sess_hits(WOLFSSL_CTX*); 01548 WOLFSSL_API long wolfSSL_CTX_sess_cb_hits(WOLFSSL_CTX*); 01549 WOLFSSL_API long wolfSSL_CTX_sess_cache_full(WOLFSSL_CTX*); 01550 WOLFSSL_API long wolfSSL_CTX_sess_misses(WOLFSSL_CTX*); 01551 WOLFSSL_API long wolfSSL_CTX_sess_timeouts(WOLFSSL_CTX*); 01552 WOLFSSL_API long wolfSSL_CTX_sess_number(WOLFSSL_CTX*); 01553 01554 WOLFSSL_API long wolfSSL_CTX_add_extra_chain_cert(WOLFSSL_CTX*, WOLFSSL_X509*); 01555 WOLFSSL_API long wolfSSL_CTX_sess_set_cache_size(WOLFSSL_CTX*, long); 01556 WOLFSSL_API long wolfSSL_CTX_sess_get_cache_size(WOLFSSL_CTX*); 01557 01558 WOLFSSL_API long wolfSSL_CTX_get_session_cache_mode(WOLFSSL_CTX*); 01559 WOLFSSL_API int wolfSSL_CTX_get_read_ahead(WOLFSSL_CTX*); 01560 WOLFSSL_API int wolfSSL_CTX_set_read_ahead(WOLFSSL_CTX*, int v); 01561 WOLFSSL_API long wolfSSL_CTX_set_tlsext_status_arg(WOLFSSL_CTX*, void* arg); 01562 WOLFSSL_API long wolfSSL_CTX_set_tlsext_opaque_prf_input_callback_arg( 01563 WOLFSSL_CTX*, void* arg); 01564 WOLFSSL_API int wolfSSL_CTX_add_client_CA(WOLFSSL_CTX*, WOLFSSL_X509*); 01565 WOLFSSL_API int wolfSSL_CTX_set_srp_password(WOLFSSL_CTX*, char*); 01566 WOLFSSL_API int wolfSSL_CTX_set_srp_username(WOLFSSL_CTX*, char*); 01567 01568 WOLFSSL_API long wolfSSL_set_options(WOLFSSL *s, long op); 01569 WOLFSSL_API long wolfSSL_get_options(const WOLFSSL *s); 01570 WOLFSSL_API long wolfSSL_clear_options(WOLFSSL *s, long op); 01571 WOLFSSL_API long wolfSSL_clear_num_renegotiations(WOLFSSL *s); 01572 WOLFSSL_API long wolfSSL_total_renegotiations(WOLFSSL *s); 01573 WOLFSSL_API long wolfSSL_num_renegotiations(WOLFSSL* s); 01574 WOLFSSL_API long wolfSSL_set_tmp_dh(WOLFSSL *s, WOLFSSL_DH *dh); 01575 WOLFSSL_API long wolfSSL_set_tlsext_debug_arg(WOLFSSL *s, void *arg); 01576 WOLFSSL_API long wolfSSL_set_tlsext_status_type(WOLFSSL *s, int type); 01577 WOLFSSL_API long wolfSSL_set_tlsext_status_exts(WOLFSSL *s, void *arg); 01578 WOLFSSL_API long wolfSSL_get_tlsext_status_ids(WOLFSSL *s, void *arg); 01579 WOLFSSL_API long wolfSSL_set_tlsext_status_ids(WOLFSSL *s, void *arg); 01580 WOLFSSL_API long wolfSSL_get_tlsext_status_ocsp_resp(WOLFSSL *s, unsigned char **resp); 01581 WOLFSSL_API long wolfSSL_set_tlsext_status_ocsp_resp(WOLFSSL *s, unsigned char *resp, int len); 01582 01583 WOLFSSL_API void wolfSSL_CONF_modules_unload(int all); 01584 WOLFSSL_API char* wolfSSL_CONF_get1_default_config_file(void); 01585 WOLFSSL_API long wolfSSL_get_tlsext_status_exts(WOLFSSL *s, void *arg); 01586 WOLFSSL_API long wolfSSL_get_verify_result(const WOLFSSL *ssl); 01587 01588 #define WOLFSSL_DEFAULT_CIPHER_LIST "" /* default all */ 01589 01590 /* These are bit-masks */ 01591 enum { 01592 WOLFSSL_OCSP_URL_OVERRIDE = 1, 01593 WOLFSSL_OCSP_NO_NONCE = 2, 01594 WOLFSSL_OCSP_CHECKALL = 4, 01595 01596 WOLFSSL_CRL_CHECKALL = 1, 01597 WOLFSSL_CRL_CHECK = 2, 01598 }; 01599 01600 #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) || \ 01601 defined(HAVE_WEBSERVER) 01602 /* Separated out from other enums because of size */ 01603 enum { 01604 SSL_OP_MICROSOFT_SESS_ID_BUG = 0x00000001, 01605 SSL_OP_NETSCAPE_CHALLENGE_BUG = 0x00000002, 01606 SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG = 0x00000004, 01607 SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG = 0x00000008, 01608 SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER = 0x00000010, 01609 SSL_OP_MSIE_SSLV2_RSA_PADDING = 0x00000020, 01610 SSL_OP_SSLEAY_080_CLIENT_DH_BUG = 0x00000040, 01611 SSL_OP_TLS_D5_BUG = 0x00000080, 01612 SSL_OP_TLS_BLOCK_PADDING_BUG = 0x00000100, 01613 SSL_OP_TLS_ROLLBACK_BUG = 0x00000200, 01614 SSL_OP_EPHEMERAL_RSA = 0x00000800, 01615 WOLFSSL_OP_NO_SSLv3 = 0x00001000, 01616 WOLFSSL_OP_NO_TLSv1 = 0x00002000, 01617 SSL_OP_PKCS1_CHECK_1 = 0x00004000, 01618 SSL_OP_PKCS1_CHECK_2 = 0x00008000, 01619 SSL_OP_NETSCAPE_CA_DN_BUG = 0x00010000, 01620 SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG = 0x00020000, 01621 SSL_OP_SINGLE_DH_USE = 0x00040000, 01622 SSL_OP_NO_TICKET = 0x00080000, 01623 SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS = 0x00100000, 01624 SSL_OP_NO_QUERY_MTU = 0x00200000, 01625 SSL_OP_COOKIE_EXCHANGE = 0x00400000, 01626 SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION = 0x00800000, 01627 SSL_OP_SINGLE_ECDH_USE = 0x01000000, 01628 SSL_OP_CIPHER_SERVER_PREFERENCE = 0x02000000, 01629 WOLFSSL_OP_NO_TLSv1_1 = 0x04000000, 01630 WOLFSSL_OP_NO_TLSv1_2 = 0x08000000, 01631 SSL_OP_NO_COMPRESSION = 0x10000000, 01632 WOLFSSL_OP_NO_TLSv1_3 = 0x20000000, 01633 WOLFSSL_OP_NO_SSLv2 = 0x40000000, 01634 SSL_OP_ALL = 01635 (SSL_OP_MICROSOFT_SESS_ID_BUG 01636 | SSL_OP_NETSCAPE_CHALLENGE_BUG 01637 | SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG 01638 | SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG 01639 | SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER 01640 | SSL_OP_MSIE_SSLV2_RSA_PADDING 01641 | SSL_OP_SSLEAY_080_CLIENT_DH_BUG 01642 | SSL_OP_TLS_D5_BUG 01643 | SSL_OP_TLS_BLOCK_PADDING_BUG 01644 | SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS 01645 | SSL_OP_TLS_ROLLBACK_BUG), 01646 }; 01647 01648 /* for compatibility these must be macros */ 01649 #define SSL_OP_NO_SSLv2 WOLFSSL_OP_NO_SSLv2 01650 #define SSL_OP_NO_SSLv3 WOLFSSL_OP_NO_SSLv3 01651 #define SSL_OP_NO_TLSv1 WOLFSSL_OP_NO_TLSv1 01652 #define SSL_OP_NO_TLSv1_1 WOLFSSL_OP_NO_TLSv1_1 01653 #define SSL_OP_NO_TLSv1_2 WOLFSSL_OP_NO_TLSv1_2 01654 #if !(!defined(WOLFSSL_TLS13) && defined(WOLFSSL_APACHE_HTTPD)) /* apache uses this to determine if TLS 1.3 is enabled */ 01655 #define SSL_OP_NO_TLSv1_3 WOLFSSL_OP_NO_TLSv1_3 01656 #endif 01657 01658 #define SSL_OP_NO_SSL_MASK (SSL_OP_NO_SSLv3 | SSL_OP_NO_TLSv1 | \ 01659 SSL_OP_NO_TLSv1_1 | SSL_OP_NO_TLSv1_2 | SSL_OP_NO_TLSv1_3) 01660 01661 #define SSL_NOTHING 1 01662 #define SSL_WRITING 2 01663 #define SSL_READING 3 01664 01665 enum { 01666 #ifdef HAVE_OCSP 01667 /* OCSP Flags */ 01668 OCSP_NOCERTS = 1, 01669 OCSP_NOINTERN = 2, 01670 OCSP_NOSIGS = 4, 01671 OCSP_NOCHAIN = 8, 01672 OCSP_NOVERIFY = 16, 01673 OCSP_NOEXPLICIT = 32, 01674 OCSP_NOCASIGN = 64, 01675 OCSP_NODELEGATED = 128, 01676 OCSP_NOCHECKS = 256, 01677 OCSP_TRUSTOTHER = 512, 01678 OCSP_RESPID_KEY = 1024, 01679 OCSP_NOTIME = 2048, 01680 01681 /* OCSP Types */ 01682 OCSP_CERTID = 2, 01683 OCSP_REQUEST = 4, 01684 OCSP_RESPONSE = 8, 01685 OCSP_BASICRESP = 16, 01686 #endif 01687 01688 ASN1_GENERALIZEDTIME = 4, 01689 SSL_MAX_SSL_SESSION_ID_LENGTH = 32, 01690 01691 SSL_ST_CONNECT = 0x1000, 01692 SSL_ST_ACCEPT = 0x2000, 01693 SSL_ST_MASK = 0x0FFF, 01694 01695 SSL_CB_LOOP = 0x01, 01696 SSL_CB_EXIT = 0x02, 01697 SSL_CB_READ = 0x04, 01698 SSL_CB_WRITE = 0x08, 01699 SSL_CB_HANDSHAKE_START = 0x10, 01700 SSL_CB_HANDSHAKE_DONE = 0x20, 01701 SSL_CB_ALERT = 0x4000, 01702 SSL_CB_READ_ALERT = (SSL_CB_ALERT | SSL_CB_READ), 01703 SSL_CB_WRITE_ALERT = (SSL_CB_ALERT | SSL_CB_WRITE), 01704 SSL_CB_ACCEPT_LOOP = (SSL_ST_ACCEPT | SSL_CB_LOOP), 01705 SSL_CB_ACCEPT_EXIT = (SSL_ST_ACCEPT | SSL_CB_EXIT), 01706 SSL_CB_CONNECT_LOOP = (SSL_ST_CONNECT | SSL_CB_LOOP), 01707 SSL_CB_CONNECT_EXIT = (SSL_ST_CONNECT | SSL_CB_EXIT), 01708 SSL_CB_MODE_READ = 1, 01709 SSL_CB_MODE_WRITE = 2, 01710 01711 SSL_MODE_ENABLE_PARTIAL_WRITE = 2, 01712 SSL_MODE_AUTO_RETRY = 3, /* wolfSSL default is to block with blocking io 01713 * and auto retry */ 01714 SSL_MODE_RELEASE_BUFFERS = -1, /* For libwebsockets build. No current use. */ 01715 01716 BIO_FLAGS_BASE64_NO_NL = 1, 01717 BIO_CLOSE = 1, 01718 BIO_NOCLOSE = 0, 01719 01720 X509_FILETYPE_PEM = 8, 01721 X509_LU_X509 = 9, 01722 X509_LU_CRL = 12, 01723 01724 X509_V_OK = 0, 01725 X509_V_ERR_CRL_SIGNATURE_FAILURE = 13, 01726 X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD = 14, 01727 X509_V_ERR_CRL_HAS_EXPIRED = 15, 01728 X509_V_ERR_CERT_REVOKED = 16, 01729 X509_V_ERR_CERT_CHAIN_TOO_LONG = 17, 01730 X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT = 18, 01731 X509_V_ERR_CERT_NOT_YET_VALID = 19, 01732 X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD = 20, 01733 X509_V_ERR_CERT_HAS_EXPIRED = 21, 01734 X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD = 22, 01735 X509_V_ERR_CERT_REJECTED = 23, 01736 /* Required for Nginx */ 01737 X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT = 24, 01738 X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN = 25, 01739 X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY = 26, 01740 X509_V_ERR_CERT_UNTRUSTED = 27, 01741 X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE = 28, 01742 X509_V_ERR_SUBJECT_ISSUER_MISMATCH = 29, 01743 /* additional X509_V_ERR_* enums not used in wolfSSL */ 01744 X509_V_ERR_UNABLE_TO_GET_CRL, 01745 X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE, 01746 X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE, 01747 X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY, 01748 X509_V_ERR_CERT_SIGNATURE_FAILURE, 01749 X509_V_ERR_CRL_NOT_YET_VALID, 01750 X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD, 01751 X509_V_ERR_OUT_OF_MEM, 01752 X509_V_ERR_INVALID_CA, 01753 X509_V_ERR_PATH_LENGTH_EXCEEDED, 01754 X509_V_ERR_INVALID_PURPOSE, 01755 X509_V_ERR_AKID_SKID_MISMATCH, 01756 X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH, 01757 X509_V_ERR_KEYUSAGE_NO_CERTSIGN, 01758 X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER, 01759 X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION, 01760 X509_V_ERR_KEYUSAGE_NO_CRL_SIGN, 01761 X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION, 01762 X509_V_ERR_INVALID_NON_CA, 01763 X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED, 01764 X509_V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE, 01765 X509_V_ERR_PROXY_CERTIFICATES_NOT_ALLOWED, 01766 X509_V_ERR_INVALID_EXTENSION, 01767 X509_V_ERR_INVALID_POLICY_EXTENSION, 01768 X509_V_ERR_NO_EXPLICIT_POLICY, 01769 X509_V_ERR_UNNESTED_RESOURCE, 01770 X509_V_ERR_APPLICATION_VERIFICATION, 01771 01772 X509_R_CERT_ALREADY_IN_HASH_TABLE, 01773 01774 XN_FLAG_SPC_EQ = (1 << 23), 01775 XN_FLAG_SEP_CPLUS_SPC = (2 << 16), 01776 XN_FLAG_ONELINE = 0, 01777 XN_FLAG_RFC2253 = 1, 01778 XN_FLAG_DN_REV = (1 << 20), 01779 01780 CRYPTO_LOCK = 1, 01781 CRYPTO_NUM_LOCKS = 10, 01782 01783 ASN1_STRFLGS_ESC_MSB = 4 01784 }; 01785 #endif 01786 01787 /* extras end */ 01788 01789 #if !defined(NO_FILESYSTEM) && !defined(NO_STDIO_FILESYSTEM) 01790 /* wolfSSL extension, provide last error from SSL_get_error 01791 since not using thread storage error queue */ 01792 #include <stdio.h> 01793 WOLFSSL_API void wolfSSL_ERR_print_errors_fp(XFILE, int err); 01794 #if defined(OPENSSL_EXTRA) || defined(DEBUG_WOLFSSL_VERBOSE) 01795 WOLFSSL_API void wolfSSL_ERR_dump_errors_fp(XFILE fp); 01796 WOLFSSL_API void wolfSSL_ERR_print_errors_cb(int (*cb)(const char *str, 01797 size_t len, void *u), void *u); 01798 #endif 01799 #endif 01800 WOLFSSL_API void wolfSSL_ERR_print_errors(WOLFSSL_BIO *bio); 01801 01802 01803 #ifndef NO_OLD_SSL_NAMES 01804 #define SSL_ERROR_NONE WOLFSSL_ERROR_NONE 01805 #define SSL_FAILURE WOLFSSL_FAILURE 01806 #define SSL_SUCCESS WOLFSSL_SUCCESS 01807 #define SSL_SHUTDOWN_NOT_DONE WOLFSSL_SHUTDOWN_NOT_DONE 01808 01809 #define SSL_ALPN_NOT_FOUND WOLFSSL_ALPN_NOT_FOUND 01810 #define SSL_BAD_CERTTYPE WOLFSSL_BAD_CERTTYPE 01811 #define SSL_BAD_STAT WOLFSSL_BAD_STAT 01812 #define SSL_BAD_PATH WOLFSSL_BAD_PATH 01813 #define SSL_BAD_FILETYPE WOLFSSL_BAD_FILETYPE 01814 #define SSL_BAD_FILE WOLFSSL_BAD_FILE 01815 #define SSL_NOT_IMPLEMENTED WOLFSSL_NOT_IMPLEMENTED 01816 #define SSL_UNKNOWN WOLFSSL_UNKNOWN 01817 #define SSL_FATAL_ERROR WOLFSSL_FATAL_ERROR 01818 01819 #define SSL_FILETYPE_ASN1 WOLFSSL_FILETYPE_ASN1 01820 #define SSL_FILETYPE_PEM WOLFSSL_FILETYPE_PEM 01821 #define SSL_FILETYPE_DEFAULT WOLFSSL_FILETYPE_DEFAULT 01822 #define SSL_FILETYPE_RAW WOLFSSL_FILETYPE_RAW 01823 01824 #define SSL_VERIFY_NONE WOLFSSL_VERIFY_NONE 01825 #define SSL_VERIFY_PEER WOLFSSL_VERIFY_PEER 01826 #define SSL_VERIFY_FAIL_IF_NO_PEER_CERT WOLFSSL_VERIFY_FAIL_IF_NO_PEER_CERT 01827 #define SSL_VERIFY_CLIENT_ONCE WOLFSSL_VERIFY_CLIENT_ONCE 01828 #define SSL_VERIFY_FAIL_EXCEPT_PSK WOLFSSL_VERIFY_FAIL_EXCEPT_PSK 01829 01830 #define SSL_SESS_CACHE_OFF WOLFSSL_SESS_CACHE_OFF 01831 #define SSL_SESS_CACHE_CLIENT WOLFSSL_SESS_CACHE_CLIENT 01832 #define SSL_SESS_CACHE_SERVER WOLFSSL_SESS_CACHE_SERVER 01833 #define SSL_SESS_CACHE_BOTH WOLFSSL_SESS_CACHE_BOTH 01834 #define SSL_SESS_CACHE_NO_AUTO_CLEAR WOLFSSL_SESS_CACHE_NO_AUTO_CLEAR 01835 #define SSL_SESS_CACHE_NO_INTERNAL_LOOKUP WOLFSSL_SESS_CACHE_NO_INTERNAL_LOOKUP 01836 #define SSL_SESS_CACHE_NO_INTERNAL_STORE WOLFSSL_SESS_CACHE_NO_INTERNAL_STORE 01837 #define SSL_SESS_CACHE_NO_INTERNAL WOLFSSL_SESS_CACHE_NO_INTERNAL 01838 01839 #define SSL_ERROR_WANT_READ WOLFSSL_ERROR_WANT_READ 01840 #define SSL_ERROR_WANT_WRITE WOLFSSL_ERROR_WANT_WRITE 01841 #define SSL_ERROR_WANT_CONNECT WOLFSSL_ERROR_WANT_CONNECT 01842 #define SSL_ERROR_WANT_ACCEPT WOLFSSL_ERROR_WANT_ACCEPT 01843 #define SSL_ERROR_SYSCALL WOLFSSL_ERROR_SYSCALL 01844 #define SSL_ERROR_WANT_X509_LOOKUP WOLFSSL_ERROR_WANT_X509_LOOKUP 01845 #define SSL_ERROR_ZERO_RETURN WOLFSSL_ERROR_ZERO_RETURN 01846 #define SSL_ERROR_SSL WOLFSSL_ERROR_SSL 01847 01848 #define SSL_SENT_SHUTDOWN WOLFSSL_SENT_SHUTDOWN 01849 #define SSL_RECEIVED_SHUTDOWN WOLFSSL_RECEIVED_SHUTDOWN 01850 #define SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER WOLFSSL_MODE_ACCEPT_MOVING_WRITE_BUFFER 01851 01852 #define SSL_R_SSL_HANDSHAKE_FAILURE WOLFSSL_R_SSL_HANDSHAKE_FAILURE 01853 #define SSL_R_TLSV1_ALERT_UNKNOWN_CA WOLFSSL_R_TLSV1_ALERT_UNKNOWN_CA 01854 #define SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN WOLFSSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN 01855 #define SSL_R_SSLV3_ALERT_BAD_CERTIFICATE WOLFSSL_R_SSLV3_ALERT_BAD_CERTIFICATE 01856 01857 #define PEM_BUFSIZE WOLF_PEM_BUFSIZE 01858 #endif 01859 01860 enum { /* ssl Constants */ 01861 WOLFSSL_ERROR_NONE = 0, /* for most functions */ 01862 WOLFSSL_FAILURE = 0, /* for some functions */ 01863 WOLFSSL_SUCCESS = 1, 01864 WOLFSSL_SHUTDOWN_NOT_DONE = 2, /* call wolfSSL_shutdown again to complete */ 01865 01866 WOLFSSL_ALPN_NOT_FOUND = -9, 01867 WOLFSSL_BAD_CERTTYPE = -8, 01868 WOLFSSL_BAD_STAT = -7, 01869 WOLFSSL_BAD_PATH = -6, 01870 WOLFSSL_BAD_FILETYPE = -5, 01871 WOLFSSL_BAD_FILE = -4, 01872 WOLFSSL_NOT_IMPLEMENTED = -3, 01873 WOLFSSL_UNKNOWN = -2, 01874 WOLFSSL_FATAL_ERROR = -1, 01875 01876 WOLFSSL_FILETYPE_ASN1 = 2, 01877 WOLFSSL_FILETYPE_PEM = 1, 01878 WOLFSSL_FILETYPE_DEFAULT = 2, /* ASN1 */ 01879 WOLFSSL_FILETYPE_RAW = 3, /* NTRU raw key blob */ 01880 01881 WOLFSSL_VERIFY_NONE = 0, 01882 WOLFSSL_VERIFY_PEER = 1, 01883 WOLFSSL_VERIFY_FAIL_IF_NO_PEER_CERT = 2, 01884 WOLFSSL_VERIFY_CLIENT_ONCE = 4, 01885 WOLFSSL_VERIFY_FAIL_EXCEPT_PSK = 8, 01886 01887 WOLFSSL_SESS_CACHE_OFF = 0x0000, 01888 WOLFSSL_SESS_CACHE_CLIENT = 0x0001, 01889 WOLFSSL_SESS_CACHE_SERVER = 0x0002, 01890 WOLFSSL_SESS_CACHE_BOTH = 0x0003, 01891 WOLFSSL_SESS_CACHE_NO_AUTO_CLEAR = 0x0008, 01892 WOLFSSL_SESS_CACHE_NO_INTERNAL_LOOKUP = 0x0100, 01893 WOLFSSL_SESS_CACHE_NO_INTERNAL_STORE = 0x0200, 01894 WOLFSSL_SESS_CACHE_NO_INTERNAL = 0x0300, 01895 01896 WOLFSSL_ERROR_WANT_READ = 2, 01897 WOLFSSL_ERROR_WANT_WRITE = 3, 01898 WOLFSSL_ERROR_WANT_CONNECT = 7, 01899 WOLFSSL_ERROR_WANT_ACCEPT = 8, 01900 WOLFSSL_ERROR_SYSCALL = 5, 01901 WOLFSSL_ERROR_WANT_X509_LOOKUP = 83, 01902 WOLFSSL_ERROR_ZERO_RETURN = 6, 01903 WOLFSSL_ERROR_SSL = 85, 01904 01905 WOLFSSL_SENT_SHUTDOWN = 1, 01906 WOLFSSL_RECEIVED_SHUTDOWN = 2, 01907 WOLFSSL_MODE_ACCEPT_MOVING_WRITE_BUFFER = 4, 01908 01909 WOLFSSL_R_SSL_HANDSHAKE_FAILURE = 101, 01910 WOLFSSL_R_TLSV1_ALERT_UNKNOWN_CA = 102, 01911 WOLFSSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN = 103, 01912 WOLFSSL_R_SSLV3_ALERT_BAD_CERTIFICATE = 104, 01913 01914 WOLF_PEM_BUFSIZE = 1024 01915 }; 01916 01917 #ifndef NO_PSK 01918 typedef unsigned int (*wc_psk_client_callback)(WOLFSSL*, const char*, char*, 01919 unsigned int, unsigned char*, unsigned int); 01920 WOLFSSL_API void wolfSSL_CTX_set_psk_client_callback(WOLFSSL_CTX*, 01921 wc_psk_client_callback); 01922 WOLFSSL_API void wolfSSL_set_psk_client_callback(WOLFSSL*, 01923 wc_psk_client_callback); 01924 #ifdef WOLFSSL_TLS13 01925 typedef unsigned int (*wc_psk_client_tls13_callback)(WOLFSSL*, const char*, 01926 char*, unsigned int, unsigned char*, unsigned int, const char**); 01927 WOLFSSL_API void wolfSSL_CTX_set_psk_client_tls13_callback(WOLFSSL_CTX*, 01928 wc_psk_client_tls13_callback); 01929 WOLFSSL_API void wolfSSL_set_psk_client_tls13_callback(WOLFSSL*, 01930 wc_psk_client_tls13_callback); 01931 #endif 01932 01933 WOLFSSL_API const char* wolfSSL_get_psk_identity_hint(const WOLFSSL*); 01934 WOLFSSL_API const char* wolfSSL_get_psk_identity(const WOLFSSL*); 01935 01936 WOLFSSL_API int wolfSSL_CTX_use_psk_identity_hint(WOLFSSL_CTX*, const char*); 01937 WOLFSSL_API int wolfSSL_use_psk_identity_hint(WOLFSSL*, const char*); 01938 01939 typedef unsigned int (*wc_psk_server_callback)(WOLFSSL*, const char*, 01940 unsigned char*, unsigned int); 01941 WOLFSSL_API void wolfSSL_CTX_set_psk_server_callback(WOLFSSL_CTX*, 01942 wc_psk_server_callback); 01943 WOLFSSL_API void wolfSSL_set_psk_server_callback(WOLFSSL*, 01944 wc_psk_server_callback); 01945 #ifdef WOLFSSL_TLS13 01946 typedef unsigned int (*wc_psk_server_tls13_callback)(WOLFSSL*, const char*, 01947 unsigned char*, unsigned int, const char**); 01948 WOLFSSL_API void wolfSSL_CTX_set_psk_server_tls13_callback(WOLFSSL_CTX*, 01949 wc_psk_server_tls13_callback); 01950 WOLFSSL_API void wolfSSL_set_psk_server_tls13_callback(WOLFSSL*, 01951 wc_psk_server_tls13_callback); 01952 #endif 01953 01954 #define PSK_TYPES_DEFINED 01955 #endif /* NO_PSK */ 01956 01957 01958 #ifdef HAVE_ANON 01959 WOLFSSL_API int wolfSSL_CTX_allow_anon_cipher(WOLFSSL_CTX*); 01960 #endif /* HAVE_ANON */ 01961 01962 01963 /* extra begins */ 01964 #ifdef OPENSSL_EXTRA 01965 enum { /* ERR Constants */ 01966 ERR_TXT_STRING = 1 01967 }; 01968 01969 /* bio misc */ 01970 enum { 01971 WOLFSSL_BIO_ERROR = -1, 01972 WOLFSSL_BIO_UNSET = -2, 01973 WOLFSSL_BIO_SIZE = 17000 /* default BIO write size if not set */ 01974 }; 01975 #endif 01976 01977 WOLFSSL_API void wolfSSL_ERR_put_error(int lib, int fun, int err, 01978 const char* file, int line); 01979 WOLFSSL_API unsigned long wolfSSL_ERR_get_error_line(const char**, int*); 01980 WOLFSSL_API unsigned long wolfSSL_ERR_get_error_line_data(const char**, int*, 01981 const char**, int *); 01982 01983 WOLFSSL_API unsigned long wolfSSL_ERR_get_error(void); 01984 WOLFSSL_API void wolfSSL_ERR_clear_error(void); 01985 01986 01987 WOLFSSL_API int wolfSSL_RAND_status(void); 01988 WOLFSSL_API int wolfSSL_RAND_pseudo_bytes(unsigned char* buf, int num); 01989 WOLFSSL_API int wolfSSL_RAND_bytes(unsigned char* buf, int num); 01990 WOLFSSL_API WOLFSSL_METHOD *wolfSSLv23_server_method(void); 01991 WOLFSSL_API long wolfSSL_CTX_set_options(WOLFSSL_CTX*, long); 01992 WOLFSSL_API long wolfSSL_CTX_get_options(WOLFSSL_CTX* ctx); 01993 WOLFSSL_API long wolfSSL_CTX_clear_options(WOLFSSL_CTX*, long); 01994 01995 #ifndef NO_CERTS 01996 WOLFSSL_API int wolfSSL_CTX_check_private_key(const WOLFSSL_CTX*); 01997 #endif /* !NO_CERTS */ 01998 01999 WOLFSSL_API void wolfSSL_ERR_free_strings(void); 02000 WOLFSSL_API void wolfSSL_ERR_remove_state(unsigned long); 02001 WOLFSSL_API int wolfSSL_clear(WOLFSSL* ssl); 02002 WOLFSSL_API int wolfSSL_state(WOLFSSL* ssl); 02003 02004 WOLFSSL_API void wolfSSL_cleanup_all_ex_data(void); 02005 WOLFSSL_API long wolfSSL_CTX_set_mode(WOLFSSL_CTX* ctx, long mode); 02006 WOLFSSL_API long wolfSSL_CTX_get_mode(WOLFSSL_CTX* ctx); 02007 WOLFSSL_API void wolfSSL_CTX_set_default_read_ahead(WOLFSSL_CTX* ctx, int m); 02008 WOLFSSL_API long wolfSSL_SSL_get_mode(WOLFSSL* ssl); 02009 02010 02011 WOLFSSL_API int wolfSSL_CTX_set_default_verify_paths(WOLFSSL_CTX*); 02012 WOLFSSL_API int wolfSSL_CTX_set_session_id_context(WOLFSSL_CTX*, 02013 const unsigned char*, unsigned int); 02014 WOLFSSL_ABI WOLFSSL_API WOLFSSL_X509* wolfSSL_get_peer_certificate(WOLFSSL*); 02015 WOLFSSL_API WOLF_STACK_OF(WOLFSSL_X509)* wolfSSL_get_peer_cert_chain(const WOLFSSL*); 02016 #if defined(WOLFSSL_QT) || defined(OPENSSL_ALL) 02017 WOLFSSL_API WOLF_STACK_OF(WOLFSSL_X509)* wolfSSL_set_peer_cert_chain(WOLFSSL* ssl); 02018 #endif 02019 02020 #ifdef OPENSSL_EXTRA 02021 WOLFSSL_API int wolfSSL_want(WOLFSSL*); 02022 #endif 02023 WOLFSSL_API int wolfSSL_want_read(WOLFSSL*); 02024 WOLFSSL_API int wolfSSL_want_write(WOLFSSL*); 02025 02026 #if !defined(NO_FILESYSTEM) && defined (OPENSSL_EXTRA) 02027 #include <stdarg.h> /* var_arg */ 02028 WOLFSSL_API int wolfSSL_BIO_vprintf(WOLFSSL_BIO* bio, const char* format, 02029 va_list args); 02030 #endif 02031 WOLFSSL_API int wolfSSL_BIO_printf(WOLFSSL_BIO*, const char*, ...); 02032 WOLFSSL_API int wolfSSL_BIO_dump(WOLFSSL_BIO *bio, const char*, int); 02033 WOLFSSL_API int wolfSSL_ASN1_UTCTIME_print(WOLFSSL_BIO*, 02034 const WOLFSSL_ASN1_UTCTIME*); 02035 WOLFSSL_API int wolfSSL_ASN1_GENERALIZEDTIME_print(WOLFSSL_BIO*, 02036 const WOLFSSL_ASN1_GENERALIZEDTIME*); 02037 WOLFSSL_API void wolfSSL_ASN1_GENERALIZEDTIME_free(WOLFSSL_ASN1_GENERALIZEDTIME*); 02038 WOLFSSL_API int wolfSSL_ASN1_TIME_check(const WOLFSSL_ASN1_TIME*); 02039 WOLFSSL_API int wolfSSL_ASN1_TIME_diff(int *pday, int *psec, 02040 const WOLFSSL_ASN1_TIME *from, const WOLFSSL_ASN1_TIME *to); 02041 #ifdef OPENSSL_EXTRA 02042 WOLFSSL_API WOLFSSL_ASN1_TIME *wolfSSL_ASN1_TIME_set(WOLFSSL_ASN1_TIME *s, time_t t); 02043 #endif 02044 02045 WOLFSSL_API int wolfSSL_sk_num(WOLFSSL_STACK* sk); 02046 WOLFSSL_API void* wolfSSL_sk_value(WOLFSSL_STACK* sk, int i); 02047 02048 #if defined(HAVE_EX_DATA) || defined(FORTRESS) 02049 WOLFSSL_API void* wolfSSL_CRYPTO_get_ex_data(const WOLFSSL_CRYPTO_EX_DATA* ex_data, 02050 int idx); 02051 WOLFSSL_API int wolfSSL_CRYPTO_set_ex_data(WOLFSSL_CRYPTO_EX_DATA* ex_data, int idx, 02052 void *data); 02053 #endif 02054 02055 /* stunnel 4.28 needs */ 02056 WOLFSSL_API void* wolfSSL_CTX_get_ex_data(const WOLFSSL_CTX*, int); 02057 WOLFSSL_API int wolfSSL_CTX_set_ex_data(WOLFSSL_CTX*, int, void*); 02058 WOLFSSL_API void wolfSSL_CTX_sess_set_get_cb(WOLFSSL_CTX*, 02059 WOLFSSL_SESSION*(*f)(WOLFSSL*, unsigned char*, int, int*)); 02060 WOLFSSL_API void wolfSSL_CTX_sess_set_new_cb(WOLFSSL_CTX*, 02061 int (*f)(WOLFSSL*, WOLFSSL_SESSION*)); 02062 WOLFSSL_API void wolfSSL_CTX_sess_set_remove_cb(WOLFSSL_CTX*, 02063 void (*f)(WOLFSSL_CTX*, WOLFSSL_SESSION*)); 02064 02065 WOLFSSL_API int wolfSSL_i2d_SSL_SESSION(WOLFSSL_SESSION*,unsigned char**); 02066 WOLFSSL_API WOLFSSL_SESSION* wolfSSL_d2i_SSL_SESSION(WOLFSSL_SESSION**, 02067 const unsigned char**, long); 02068 02069 WOLFSSL_API long wolfSSL_SESSION_get_timeout(const WOLFSSL_SESSION*); 02070 WOLFSSL_API long wolfSSL_SESSION_get_time(const WOLFSSL_SESSION*); 02071 WOLFSSL_API int wolfSSL_CTX_get_ex_new_index(long, void*, void*, void*, void*); 02072 02073 02074 /* extra ends */ 02075 02076 02077 /* wolfSSL extensions */ 02078 02079 /* call before SSL_connect, if verifying will add name check to 02080 date check and signature check */ 02081 WOLFSSL_ABI WOLFSSL_API int wolfSSL_check_domain_name(WOLFSSL*, const char*); 02082 02083 /* need to call once to load library (session cache) */ 02084 WOLFSSL_ABI WOLFSSL_API int wolfSSL_Init(void); 02085 /* call when done to cleanup/free session cache mutex / resources */ 02086 WOLFSSL_ABI WOLFSSL_API int wolfSSL_Cleanup(void); 02087 02088 /* which library version do we have */ 02089 WOLFSSL_API const char* wolfSSL_lib_version(void); 02090 /* which library version do we have in hex */ 02091 WOLFSSL_API word32 wolfSSL_lib_version_hex(void); 02092 02093 /* do accept or connect depedning on side */ 02094 WOLFSSL_API int wolfSSL_negotiate(WOLFSSL* ssl); 02095 /* turn on wolfSSL data compression */ 02096 WOLFSSL_API int wolfSSL_set_compression(WOLFSSL* ssl); 02097 02098 WOLFSSL_ABI WOLFSSL_API int wolfSSL_set_timeout(WOLFSSL*, unsigned int); 02099 WOLFSSL_ABI WOLFSSL_API int wolfSSL_CTX_set_timeout(WOLFSSL_CTX*, unsigned int); 02100 WOLFSSL_API void wolfSSL_CTX_set_current_time_cb(WOLFSSL_CTX* ctx, 02101 void (*cb)(const WOLFSSL* ssl, WOLFSSL_TIMEVAL* out_clock)); 02102 02103 /* get wolfSSL peer X509_CHAIN */ 02104 WOLFSSL_API WOLFSSL_X509_CHAIN* wolfSSL_get_peer_chain(WOLFSSL* ssl); 02105 #ifdef WOLFSSL_ALT_CERT_CHAINS 02106 WOLFSSL_API int wolfSSL_is_peer_alt_cert_chain(const WOLFSSL* ssl); 02107 /* get wolfSSL alternate peer X509_CHAIN */ 02108 WOLFSSL_API WOLFSSL_X509_CHAIN* wolfSSL_get_peer_alt_chain(WOLFSSL* ssl); 02109 #endif 02110 /* peer chain count */ 02111 WOLFSSL_API int wolfSSL_get_chain_count(WOLFSSL_X509_CHAIN* chain); 02112 /* index cert length */ 02113 WOLFSSL_API int wolfSSL_get_chain_length(WOLFSSL_X509_CHAIN*, int idx); 02114 /* index cert */ 02115 WOLFSSL_API unsigned char* wolfSSL_get_chain_cert(WOLFSSL_X509_CHAIN*, int idx); 02116 /* index cert in X509 */ 02117 WOLFSSL_API WOLFSSL_X509* wolfSSL_get_chain_X509(WOLFSSL_X509_CHAIN*, int idx); 02118 /* free X509 */ 02119 #define wolfSSL_FreeX509(x509) wolfSSL_X509_free((x509)) 02120 WOLFSSL_ABI WOLFSSL_API void wolfSSL_X509_free(WOLFSSL_X509*); 02121 /* get index cert in PEM */ 02122 WOLFSSL_API int wolfSSL_get_chain_cert_pem(WOLFSSL_X509_CHAIN*, int idx, 02123 unsigned char* buf, int inLen, int* outLen); 02124 WOLFSSL_ABI WOLFSSL_API const unsigned char* wolfSSL_get_sessionID( 02125 const WOLFSSL_SESSION* s); 02126 WOLFSSL_API int wolfSSL_X509_get_serial_number(WOLFSSL_X509*,unsigned char*,int*); 02127 WOLFSSL_API char* wolfSSL_X509_get_subjectCN(WOLFSSL_X509*); 02128 WOLFSSL_API const unsigned char* wolfSSL_X509_get_der(WOLFSSL_X509*, int*); 02129 WOLFSSL_API const unsigned char* wolfSSL_X509_get_tbs(WOLFSSL_X509*, int*); 02130 WOLFSSL_ABI WOLFSSL_API const byte* wolfSSL_X509_notBefore(WOLFSSL_X509*); 02131 WOLFSSL_ABI WOLFSSL_API const byte* wolfSSL_X509_notAfter(WOLFSSL_X509*); 02132 WOLFSSL_API int wolfSSL_X509_version(WOLFSSL_X509*); 02133 02134 WOLFSSL_API int wolfSSL_cmp_peer_cert_to_file(WOLFSSL*, const char*); 02135 02136 WOLFSSL_ABI WOLFSSL_API char* wolfSSL_X509_get_next_altname(WOLFSSL_X509*); 02137 WOLFSSL_API int wolfSSL_X509_add_altname(WOLFSSL_X509*, const char*, int); 02138 02139 WOLFSSL_API WOLFSSL_X509* wolfSSL_d2i_X509(WOLFSSL_X509** x509, 02140 const unsigned char** in, int len); 02141 WOLFSSL_API WOLFSSL_X509* 02142 wolfSSL_X509_d2i(WOLFSSL_X509** x509, const unsigned char* in, int len); 02143 WOLFSSL_API int wolfSSL_i2d_X509(WOLFSSL_X509* x509, unsigned char** out); 02144 WOLFSSL_API WOLFSSL_X509_CRL *wolfSSL_d2i_X509_CRL(WOLFSSL_X509_CRL **crl, 02145 const unsigned char *in, int len); 02146 #ifndef NO_FILESYSTEM 02147 WOLFSSL_API WOLFSSL_X509_CRL *wolfSSL_d2i_X509_CRL_fp(XFILE file, WOLFSSL_X509_CRL **crl); 02148 #endif 02149 WOLFSSL_API void wolfSSL_X509_CRL_free(WOLFSSL_X509_CRL *crl); 02150 02151 #ifndef NO_FILESYSTEM 02152 #ifndef NO_STDIO_FILESYSTEM 02153 WOLFSSL_API WOLFSSL_X509* 02154 wolfSSL_X509_d2i_fp(WOLFSSL_X509** x509, XFILE file); 02155 #endif 02156 WOLFSSL_ABI WOLFSSL_API WOLFSSL_X509* 02157 wolfSSL_X509_load_certificate_file(const char* fname, int format); 02158 #endif 02159 WOLFSSL_API WOLFSSL_X509* wolfSSL_X509_load_certificate_buffer( 02160 const unsigned char* buf, int sz, int format); 02161 02162 #ifdef WOLFSSL_SEP 02163 WOLFSSL_API unsigned char* 02164 wolfSSL_X509_get_device_type(WOLFSSL_X509*, unsigned char*, int*); 02165 WOLFSSL_API unsigned char* 02166 wolfSSL_X509_get_hw_type(WOLFSSL_X509*, unsigned char*, int*); 02167 WOLFSSL_API unsigned char* 02168 wolfSSL_X509_get_hw_serial_number(WOLFSSL_X509*, unsigned char*, int*); 02169 #endif 02170 02171 /* connect enough to get peer cert */ 02172 WOLFSSL_API int wolfSSL_connect_cert(WOLFSSL* ssl); 02173 02174 02175 02176 /* PKCS12 compatibility */ 02177 typedef struct WC_PKCS12 WC_PKCS12; 02178 WOLFSSL_API WC_PKCS12* wolfSSL_d2i_PKCS12_bio(WOLFSSL_BIO* bio, 02179 WC_PKCS12** pkcs12); 02180 WOLFSSL_API int wolfSSL_i2d_PKCS12_bio(WOLFSSL_BIO *bio, WC_PKCS12 *pkcs12); 02181 #ifndef NO_FILESYSTEM 02182 WOLFSSL_API WOLFSSL_X509_PKCS12* wolfSSL_d2i_PKCS12_fp(XFILE fp, 02183 WOLFSSL_X509_PKCS12** pkcs12); 02184 #endif 02185 WOLFSSL_API int wolfSSL_PKCS12_parse(WC_PKCS12* pkcs12, const char* psw, 02186 WOLFSSL_EVP_PKEY** pkey, WOLFSSL_X509** cert, 02187 WOLF_STACK_OF(WOLFSSL_X509)** ca); 02188 WOLFSSL_API WC_PKCS12* wolfSSL_PKCS12_create(char* pass, char* name, 02189 WOLFSSL_EVP_PKEY* pkey, WOLFSSL_X509* cert, 02190 WOLF_STACK_OF(WOLFSSL_X509)* ca, 02191 int keyNID, int certNID, int itt, int macItt, int keytype); 02192 WOLFSSL_API void wolfSSL_PKCS12_PBE_add(void); 02193 02194 02195 02196 #ifndef NO_DH 02197 /* server Diffie-Hellman parameters */ 02198 WOLFSSL_API int wolfSSL_SetTmpDH(WOLFSSL*, const unsigned char* p, int pSz, 02199 const unsigned char* g, int gSz); 02200 WOLFSSL_API int wolfSSL_SetTmpDH_buffer(WOLFSSL*, const unsigned char* b, long sz, 02201 int format); 02202 WOLFSSL_API int wolfSSL_SetEnableDhKeyTest(WOLFSSL*, int); 02203 #ifndef NO_FILESYSTEM 02204 WOLFSSL_API int wolfSSL_SetTmpDH_file(WOLFSSL*, const char* f, int format); 02205 #endif 02206 02207 /* server ctx Diffie-Hellman parameters */ 02208 WOLFSSL_API int wolfSSL_CTX_SetTmpDH(WOLFSSL_CTX*, const unsigned char* p, 02209 int pSz, const unsigned char* g, int gSz); 02210 WOLFSSL_API int wolfSSL_CTX_SetTmpDH_buffer(WOLFSSL_CTX*, const unsigned char* b, 02211 long sz, int format); 02212 02213 #ifndef NO_FILESYSTEM 02214 WOLFSSL_API int wolfSSL_CTX_SetTmpDH_file(WOLFSSL_CTX*, const char* f, 02215 int format); 02216 #endif 02217 02218 WOLFSSL_API int wolfSSL_CTX_SetMinDhKey_Sz(WOLFSSL_CTX*, word16); 02219 WOLFSSL_API int wolfSSL_SetMinDhKey_Sz(WOLFSSL*, word16); 02220 WOLFSSL_API int wolfSSL_CTX_SetMaxDhKey_Sz(WOLFSSL_CTX*, word16); 02221 WOLFSSL_API int wolfSSL_SetMaxDhKey_Sz(WOLFSSL*, word16); 02222 WOLFSSL_API int wolfSSL_GetDhKey_Sz(WOLFSSL*); 02223 #endif /* NO_DH */ 02224 02225 #ifndef NO_RSA 02226 WOLFSSL_API int wolfSSL_CTX_SetMinRsaKey_Sz(WOLFSSL_CTX*, short); 02227 WOLFSSL_API int wolfSSL_SetMinRsaKey_Sz(WOLFSSL*, short); 02228 #endif /* NO_RSA */ 02229 02230 #ifdef HAVE_ECC 02231 WOLFSSL_API int wolfSSL_CTX_SetMinEccKey_Sz(WOLFSSL_CTX*, short); 02232 WOLFSSL_API int wolfSSL_SetMinEccKey_Sz(WOLFSSL*, short); 02233 #endif /* NO_RSA */ 02234 02235 WOLFSSL_API int wolfSSL_SetTmpEC_DHE_Sz(WOLFSSL*, word16); 02236 WOLFSSL_API int wolfSSL_CTX_SetTmpEC_DHE_Sz(WOLFSSL_CTX*, word16); 02237 02238 /* keyblock size in bytes or -1 */ 02239 /* need to call wolfSSL_KeepArrays before handshake to save keys */ 02240 WOLFSSL_API int wolfSSL_get_keyblock_size(WOLFSSL*); 02241 WOLFSSL_API int wolfSSL_get_keys(WOLFSSL*,unsigned char** ms, unsigned int* msLen, 02242 unsigned char** sr, unsigned int* srLen, 02243 unsigned char** cr, unsigned int* crLen); 02244 02245 /* Computes EAP-TLS and EAP-TTLS keying material from the master_secret. */ 02246 WOLFSSL_API int wolfSSL_make_eap_keys(WOLFSSL*, void* key, unsigned int len, 02247 const char* label); 02248 02249 02250 #ifndef _WIN32 02251 #ifndef NO_WRITEV 02252 #ifdef __PPU 02253 #include <sys/types.h> 02254 #include <sys/socket.h> 02255 #elif !defined(WOLFSSL_MDK_ARM) && !defined(WOLFSSL_IAR_ARM) && \ 02256 !defined(WOLFSSL_PICOTCP) && !defined(WOLFSSL_ROWLEY_ARM) && \ 02257 !defined(WOLFSSL_EMBOS) && !defined(WOLFSSL_FROSTED) && \ 02258 !defined(WOLFSSL_CHIBIOS) && !defined(WOLFSSL_CONTIKI) && \ 02259 !defined(WOLFSSL_ZEPHYR) 02260 #include <sys/uio.h> 02261 #endif 02262 /* allow writev style writing */ 02263 WOLFSSL_API int wolfSSL_writev(WOLFSSL* ssl, const struct iovec* iov, 02264 int iovcnt); 02265 #endif 02266 #endif 02267 02268 02269 #ifndef NO_CERTS 02270 /* SSL_CTX versions */ 02271 WOLFSSL_API int wolfSSL_CTX_UnloadCAs(WOLFSSL_CTX*); 02272 #ifdef WOLFSSL_TRUST_PEER_CERT 02273 WOLFSSL_API int wolfSSL_CTX_Unload_trust_peers(WOLFSSL_CTX*); 02274 WOLFSSL_API int wolfSSL_CTX_trust_peer_buffer(WOLFSSL_CTX*, 02275 const unsigned char*, long, int); 02276 #endif 02277 WOLFSSL_API int wolfSSL_CTX_load_verify_buffer_ex(WOLFSSL_CTX*, 02278 const unsigned char*, long, int, 02279 int, word32); 02280 WOLFSSL_API int wolfSSL_CTX_load_verify_buffer(WOLFSSL_CTX*, 02281 const unsigned char*, long, int); 02282 WOLFSSL_API int wolfSSL_CTX_load_verify_chain_buffer_format(WOLFSSL_CTX*, 02283 const unsigned char*, long, int); 02284 WOLFSSL_API int wolfSSL_CTX_use_certificate_buffer(WOLFSSL_CTX*, 02285 const unsigned char*, long, int); 02286 WOLFSSL_API int wolfSSL_CTX_use_PrivateKey_buffer(WOLFSSL_CTX*, 02287 const unsigned char*, long, int); 02288 WOLFSSL_API int wolfSSL_CTX_use_PrivateKey_id(WOLFSSL_CTX*, 02289 const unsigned char*, long, int, long); 02290 WOLFSSL_API int wolfSSL_CTX_use_certificate_chain_buffer_format(WOLFSSL_CTX*, 02291 const unsigned char*, long, int); 02292 WOLFSSL_API int wolfSSL_CTX_use_certificate_chain_buffer(WOLFSSL_CTX*, 02293 const unsigned char*, long); 02294 02295 /* SSL versions */ 02296 WOLFSSL_API int wolfSSL_use_certificate_buffer(WOLFSSL*, const unsigned char*, 02297 long, int); 02298 WOLFSSL_API int wolfSSL_use_certificate_ASN1(WOLFSSL* ssl, 02299 const unsigned char* der, int derSz); 02300 WOLFSSL_API int wolfSSL_use_PrivateKey_buffer(WOLFSSL*, const unsigned char*, 02301 long, int); 02302 WOLFSSL_API int wolfSSL_use_PrivateKey_id(WOLFSSL*, const unsigned char*, 02303 long, int, long); 02304 WOLFSSL_API int wolfSSL_use_certificate_chain_buffer_format(WOLFSSL*, 02305 const unsigned char*, long, int); 02306 WOLFSSL_API int wolfSSL_use_certificate_chain_buffer(WOLFSSL*, 02307 const unsigned char*, long); 02308 WOLFSSL_API int wolfSSL_UnloadCertsKeys(WOLFSSL*); 02309 02310 #if (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) && \ 02311 defined(KEEP_OUR_CERT) 02312 WOLFSSL_API WOLFSSL_X509* wolfSSL_get_certificate(WOLFSSL* ssl); 02313 #endif 02314 #endif 02315 02316 WOLFSSL_API int wolfSSL_CTX_set_group_messages(WOLFSSL_CTX*); 02317 WOLFSSL_API int wolfSSL_set_group_messages(WOLFSSL*); 02318 02319 02320 #ifdef HAVE_FUZZER 02321 enum fuzzer_type { 02322 FUZZ_HMAC = 0, 02323 FUZZ_ENCRYPT = 1, 02324 FUZZ_SIGNATURE = 2, 02325 FUZZ_HASH = 3, 02326 FUZZ_HEAD = 4 02327 }; 02328 02329 typedef int (*CallbackFuzzer)(WOLFSSL* ssl, const unsigned char* buf, int sz, 02330 int type, void* fuzzCtx); 02331 02332 WOLFSSL_API void wolfSSL_SetFuzzerCb(WOLFSSL* ssl, CallbackFuzzer cbf, void* fCtx); 02333 #endif 02334 02335 02336 WOLFSSL_API int wolfSSL_DTLS_SetCookieSecret(WOLFSSL*, const byte*, word32); 02337 02338 02339 /* I/O Callback default errors */ 02340 enum IOerrors { 02341 WOLFSSL_CBIO_ERR_GENERAL = -1, /* general unexpected err */ 02342 WOLFSSL_CBIO_ERR_WANT_READ = -2, /* need to call read again */ 02343 WOLFSSL_CBIO_ERR_WANT_WRITE = -2, /* need to call write again */ 02344 WOLFSSL_CBIO_ERR_CONN_RST = -3, /* connection reset */ 02345 WOLFSSL_CBIO_ERR_ISR = -4, /* interrupt */ 02346 WOLFSSL_CBIO_ERR_CONN_CLOSE = -5, /* connection closed or epipe */ 02347 WOLFSSL_CBIO_ERR_TIMEOUT = -6 /* socket timeout */ 02348 }; 02349 02350 02351 /* CA cache callbacks */ 02352 enum { 02353 WOLFSSL_SSLV3 = 0, 02354 WOLFSSL_TLSV1 = 1, 02355 WOLFSSL_TLSV1_1 = 2, 02356 WOLFSSL_TLSV1_2 = 3, 02357 WOLFSSL_TLSV1_3 = 4, 02358 WOLFSSL_USER_CA = 1, /* user added as trusted */ 02359 WOLFSSL_CHAIN_CA = 2 /* added to cache from trusted chain */ 02360 }; 02361 02362 WOLFSSL_ABI WOLFSSL_API WC_RNG* wolfSSL_GetRNG(WOLFSSL*); 02363 02364 WOLFSSL_ABI WOLFSSL_API int wolfSSL_CTX_SetMinVersion(WOLFSSL_CTX*, int); 02365 WOLFSSL_API int wolfSSL_SetMinVersion(WOLFSSL*, int); 02366 WOLFSSL_API int wolfSSL_GetObjectSize(void); /* object size based on build */ 02367 WOLFSSL_API int wolfSSL_CTX_GetObjectSize(void); 02368 WOLFSSL_API int wolfSSL_METHOD_GetObjectSize(void); 02369 WOLFSSL_API int wolfSSL_GetOutputSize(WOLFSSL*, int); 02370 WOLFSSL_API int wolfSSL_GetMaxOutputSize(WOLFSSL*); 02371 WOLFSSL_API int wolfSSL_GetVersion(WOLFSSL* ssl); 02372 WOLFSSL_API int wolfSSL_SetVersion(WOLFSSL* ssl, int version); 02373 02374 /* moved to asn.c, old names kept for backwards compatibility */ 02375 #define wolfSSL_KeyPemToDer wc_KeyPemToDer 02376 #define wolfSSL_CertPemToDer wc_CertPemToDer 02377 #define wolfSSL_PemPubKeyToDer wc_PemPubKeyToDer 02378 #define wolfSSL_PubKeyPemToDer wc_PubKeyPemToDer 02379 #define wolfSSL_PemCertToDer wc_PemCertToDer 02380 02381 02382 typedef void (*CallbackCACache)(unsigned char* der, int sz, int type); 02383 typedef void (*CbMissingCRL)(const char* url); 02384 typedef int (*CbOCSPIO)(void*, const char*, int, 02385 unsigned char*, int, unsigned char**); 02386 typedef void (*CbOCSPRespFree)(void*,unsigned char*); 02387 02388 #ifdef HAVE_CRL_IO 02389 typedef int (*CbCrlIO)(WOLFSSL_CRL* crl, const char* url, int urlSz); 02390 #endif 02391 02392 /* User Atomic Record Layer CallBacks */ 02393 typedef int (*CallbackMacEncrypt)(WOLFSSL* ssl, unsigned char* macOut, 02394 const unsigned char* macIn, unsigned int macInSz, int macContent, 02395 int macVerify, unsigned char* encOut, const unsigned char* encIn, 02396 unsigned int encSz, void* ctx); 02397 WOLFSSL_API void wolfSSL_CTX_SetMacEncryptCb(WOLFSSL_CTX*, CallbackMacEncrypt); 02398 WOLFSSL_API void wolfSSL_SetMacEncryptCtx(WOLFSSL* ssl, void *ctx); 02399 WOLFSSL_API void* wolfSSL_GetMacEncryptCtx(WOLFSSL* ssl); 02400 02401 typedef int (*CallbackDecryptVerify)(WOLFSSL* ssl, 02402 unsigned char* decOut, const unsigned char* decIn, 02403 unsigned int decSz, int content, int verify, unsigned int* padSz, 02404 void* ctx); 02405 WOLFSSL_API void wolfSSL_CTX_SetDecryptVerifyCb(WOLFSSL_CTX*, 02406 CallbackDecryptVerify); 02407 WOLFSSL_API void wolfSSL_SetDecryptVerifyCtx(WOLFSSL* ssl, void *ctx); 02408 WOLFSSL_API void* wolfSSL_GetDecryptVerifyCtx(WOLFSSL* ssl); 02409 02410 typedef int (*CallbackEncryptMac)(WOLFSSL* ssl, unsigned char* macOut, 02411 int content, int macVerify, unsigned char* encOut, 02412 const unsigned char* encIn, unsigned int encSz, void* ctx); 02413 WOLFSSL_API void wolfSSL_CTX_SetEncryptMacCb(WOLFSSL_CTX*, CallbackEncryptMac); 02414 WOLFSSL_API void wolfSSL_SetEncryptMacCtx(WOLFSSL* ssl, void *ctx); 02415 WOLFSSL_API void* wolfSSL_GetEncryptMacCtx(WOLFSSL* ssl); 02416 02417 typedef int (*CallbackVerifyDecrypt)(WOLFSSL* ssl, 02418 unsigned char* decOut, const unsigned char* decIn, 02419 unsigned int decSz, int content, int verify, unsigned int* padSz, 02420 void* ctx); 02421 WOLFSSL_API void wolfSSL_CTX_SetVerifyDecryptCb(WOLFSSL_CTX*, 02422 CallbackVerifyDecrypt); 02423 WOLFSSL_API void wolfSSL_SetVerifyDecryptCtx(WOLFSSL* ssl, void *ctx); 02424 WOLFSSL_API void* wolfSSL_GetVerifyDecryptCtx(WOLFSSL* ssl); 02425 02426 WOLFSSL_API const unsigned char* wolfSSL_GetMacSecret(WOLFSSL*, int); 02427 WOLFSSL_API const unsigned char* wolfSSL_GetClientWriteKey(WOLFSSL*); 02428 WOLFSSL_API const unsigned char* wolfSSL_GetClientWriteIV(WOLFSSL*); 02429 WOLFSSL_API const unsigned char* wolfSSL_GetServerWriteKey(WOLFSSL*); 02430 WOLFSSL_API const unsigned char* wolfSSL_GetServerWriteIV(WOLFSSL*); 02431 WOLFSSL_API int wolfSSL_GetKeySize(WOLFSSL*); 02432 WOLFSSL_API int wolfSSL_GetIVSize(WOLFSSL*); 02433 WOLFSSL_API int wolfSSL_GetSide(WOLFSSL*); 02434 WOLFSSL_API int wolfSSL_IsTLSv1_1(WOLFSSL*); 02435 WOLFSSL_API int wolfSSL_GetBulkCipher(WOLFSSL*); 02436 WOLFSSL_API int wolfSSL_GetCipherBlockSize(WOLFSSL*); 02437 WOLFSSL_API int wolfSSL_GetAeadMacSize(WOLFSSL*); 02438 WOLFSSL_API int wolfSSL_GetHmacSize(WOLFSSL*); 02439 WOLFSSL_API int wolfSSL_GetHmacType(WOLFSSL*); 02440 WOLFSSL_API int wolfSSL_GetCipherType(WOLFSSL*); 02441 WOLFSSL_API int wolfSSL_SetTlsHmacInner(WOLFSSL*, unsigned char*, 02442 word32, int, int); 02443 02444 /* Atomic User Needs */ 02445 enum { 02446 WOLFSSL_SERVER_END = 0, 02447 WOLFSSL_CLIENT_END = 1, 02448 WOLFSSL_NEITHER_END = 3, 02449 WOLFSSL_BLOCK_TYPE = 2, 02450 WOLFSSL_STREAM_TYPE = 3, 02451 WOLFSSL_AEAD_TYPE = 4, 02452 WOLFSSL_TLS_HMAC_INNER_SZ = 13 /* SEQ_SZ + ENUM + VERSION_SZ + LEN_SZ */ 02453 }; 02454 02455 /* for GetBulkCipher and internal use */ 02456 enum BulkCipherAlgorithm { 02457 wolfssl_cipher_null, 02458 wolfssl_rc4, 02459 wolfssl_rc2, 02460 wolfssl_des, 02461 wolfssl_triple_des, /* leading 3 (3des) not valid identifier */ 02462 wolfssl_des40, 02463 #ifdef HAVE_IDEA 02464 wolfssl_idea, 02465 #endif 02466 wolfssl_aes, 02467 wolfssl_aes_gcm, 02468 wolfssl_aes_ccm, 02469 wolfssl_chacha, 02470 wolfssl_camellia, 02471 wolfssl_hc128, /* wolfSSL extensions */ 02472 wolfssl_rabbit 02473 }; 02474 02475 02476 /* for KDF TLS 1.2 mac types */ 02477 enum KDF_MacAlgorithm { 02478 wolfssl_sha256 = 4, /* needs to match hash.h wc_MACAlgorithm */ 02479 wolfssl_sha384, 02480 wolfssl_sha512 02481 }; 02482 02483 02484 /* Public Key Callback support */ 02485 #ifdef HAVE_PK_CALLBACKS 02486 #ifdef HAVE_ECC 02487 02488 struct ecc_key; 02489 02490 typedef int (*CallbackEccKeyGen)(WOLFSSL* ssl, struct ecc_key* key, 02491 unsigned int keySz, int ecc_curve, void* ctx); 02492 WOLFSSL_API void wolfSSL_CTX_SetEccKeyGenCb(WOLFSSL_CTX*, CallbackEccKeyGen); 02493 WOLFSSL_API void wolfSSL_SetEccKeyGenCtx(WOLFSSL* ssl, void *ctx); 02494 WOLFSSL_API void* wolfSSL_GetEccKeyGenCtx(WOLFSSL* ssl); 02495 02496 typedef int (*CallbackEccSign)(WOLFSSL* ssl, 02497 const unsigned char* in, unsigned int inSz, 02498 unsigned char* out, word32* outSz, 02499 const unsigned char* keyDer, unsigned int keySz, 02500 void* ctx); 02501 WOLFSSL_ABI WOLFSSL_API void wolfSSL_CTX_SetEccSignCb(WOLFSSL_CTX*, 02502 CallbackEccSign); 02503 WOLFSSL_API void wolfSSL_SetEccSignCtx(WOLFSSL* ssl, void *ctx); 02504 WOLFSSL_API void* wolfSSL_GetEccSignCtx(WOLFSSL* ssl); 02505 02506 typedef int (*CallbackEccVerify)(WOLFSSL* ssl, 02507 const unsigned char* sig, unsigned int sigSz, 02508 const unsigned char* hash, unsigned int hashSz, 02509 const unsigned char* keyDer, unsigned int keySz, 02510 int* result, void* ctx); 02511 WOLFSSL_API void wolfSSL_CTX_SetEccVerifyCb(WOLFSSL_CTX*, CallbackEccVerify); 02512 WOLFSSL_API void wolfSSL_SetEccVerifyCtx(WOLFSSL* ssl, void *ctx); 02513 WOLFSSL_API void* wolfSSL_GetEccVerifyCtx(WOLFSSL* ssl); 02514 02515 typedef int (*CallbackEccSharedSecret)(WOLFSSL* ssl, struct ecc_key* otherKey, 02516 unsigned char* pubKeyDer, word32* pubKeySz, 02517 unsigned char* out, word32* outlen, 02518 int side, void* ctx); /* side is WOLFSSL_CLIENT_END or WOLFSSL_SERVER_END */ 02519 WOLFSSL_API void wolfSSL_CTX_SetEccSharedSecretCb(WOLFSSL_CTX*, CallbackEccSharedSecret); 02520 WOLFSSL_API void wolfSSL_SetEccSharedSecretCtx(WOLFSSL* ssl, void *ctx); 02521 WOLFSSL_API void* wolfSSL_GetEccSharedSecretCtx(WOLFSSL* ssl); 02522 #endif 02523 02524 #ifndef NO_DH 02525 /* Public DH Key Callback support */ 02526 struct DhKey; 02527 typedef int (*CallbackDhAgree)(WOLFSSL* ssl, struct DhKey* key, 02528 const unsigned char* priv, unsigned int privSz, 02529 const unsigned char* otherPubKeyDer, unsigned int otherPubKeySz, 02530 unsigned char* out, unsigned int* outlen, 02531 void* ctx); 02532 WOLFSSL_API void wolfSSL_CTX_SetDhAgreeCb(WOLFSSL_CTX*, CallbackDhAgree); 02533 WOLFSSL_API void wolfSSL_SetDhAgreeCtx(WOLFSSL* ssl, void *ctx); 02534 WOLFSSL_API void* wolfSSL_GetDhAgreeCtx(WOLFSSL* ssl); 02535 #endif /* !NO_DH */ 02536 02537 #ifdef HAVE_ED25519 02538 struct ed25519_key; 02539 typedef int (*CallbackEd25519Sign)(WOLFSSL* ssl, 02540 const unsigned char* in, unsigned int inSz, 02541 unsigned char* out, unsigned int* outSz, 02542 const unsigned char* keyDer, unsigned int keySz, 02543 void* ctx); 02544 WOLFSSL_API void wolfSSL_CTX_SetEd25519SignCb(WOLFSSL_CTX*, 02545 CallbackEd25519Sign); 02546 WOLFSSL_API void wolfSSL_SetEd25519SignCtx(WOLFSSL* ssl, void *ctx); 02547 WOLFSSL_API void* wolfSSL_GetEd25519SignCtx(WOLFSSL* ssl); 02548 02549 typedef int (*CallbackEd25519Verify)(WOLFSSL* ssl, 02550 const unsigned char* sig, unsigned int sigSz, 02551 const unsigned char* msg, unsigned int msgSz, 02552 const unsigned char* keyDer, unsigned int keySz, 02553 int* result, void* ctx); 02554 WOLFSSL_API void wolfSSL_CTX_SetEd25519VerifyCb(WOLFSSL_CTX*, 02555 CallbackEd25519Verify); 02556 WOLFSSL_API void wolfSSL_SetEd25519VerifyCtx(WOLFSSL* ssl, void *ctx); 02557 WOLFSSL_API void* wolfSSL_GetEd25519VerifyCtx(WOLFSSL* ssl); 02558 #endif 02559 02560 #ifdef HAVE_CURVE25519 02561 struct curve25519_key; 02562 02563 typedef int (*CallbackX25519KeyGen)(WOLFSSL* ssl, struct curve25519_key* key, 02564 unsigned int keySz, void* ctx); 02565 WOLFSSL_API void wolfSSL_CTX_SetX25519KeyGenCb(WOLFSSL_CTX*, CallbackX25519KeyGen); 02566 WOLFSSL_API void wolfSSL_SetX25519KeyGenCtx(WOLFSSL* ssl, void *ctx); 02567 WOLFSSL_API void* wolfSSL_GetX25519KeyGenCtx(WOLFSSL* ssl); 02568 02569 typedef int (*CallbackX25519SharedSecret)(WOLFSSL* ssl, 02570 struct curve25519_key* otherKey, 02571 unsigned char* pubKeyDer, unsigned int* pubKeySz, 02572 unsigned char* out, unsigned int* outlen, 02573 int side, void* ctx); 02574 /* side is WOLFSSL_CLIENT_END or WOLFSSL_SERVER_END */ 02575 WOLFSSL_API void wolfSSL_CTX_SetX25519SharedSecretCb(WOLFSSL_CTX*, 02576 CallbackX25519SharedSecret); 02577 WOLFSSL_API void wolfSSL_SetX25519SharedSecretCtx(WOLFSSL* ssl, void *ctx); 02578 WOLFSSL_API void* wolfSSL_GetX25519SharedSecretCtx(WOLFSSL* ssl); 02579 #endif 02580 02581 #ifdef HAVE_ED448 02582 struct ed448_key; 02583 typedef int (*CallbackEd448Sign)(WOLFSSL* ssl, 02584 const unsigned char* in, unsigned int inSz, 02585 unsigned char* out, unsigned int* outSz, 02586 const unsigned char* keyDer, unsigned int keySz, 02587 void* ctx); 02588 WOLFSSL_API void wolfSSL_CTX_SetEd448SignCb(WOLFSSL_CTX*, 02589 CallbackEd448Sign); 02590 WOLFSSL_API void wolfSSL_SetEd448SignCtx(WOLFSSL* ssl, void *ctx); 02591 WOLFSSL_API void* wolfSSL_GetEd448SignCtx(WOLFSSL* ssl); 02592 02593 typedef int (*CallbackEd448Verify)(WOLFSSL* ssl, 02594 const unsigned char* sig, unsigned int sigSz, 02595 const unsigned char* msg, unsigned int msgSz, 02596 const unsigned char* keyDer, unsigned int keySz, 02597 int* result, void* ctx); 02598 WOLFSSL_API void wolfSSL_CTX_SetEd448VerifyCb(WOLFSSL_CTX*, 02599 CallbackEd448Verify); 02600 WOLFSSL_API void wolfSSL_SetEd448VerifyCtx(WOLFSSL* ssl, void *ctx); 02601 WOLFSSL_API void* wolfSSL_GetEd448VerifyCtx(WOLFSSL* ssl); 02602 #endif 02603 02604 #ifdef HAVE_CURVE448 02605 struct curve448_key; 02606 02607 typedef int (*CallbackX448KeyGen)(WOLFSSL* ssl, struct curve448_key* key, 02608 unsigned int keySz, void* ctx); 02609 WOLFSSL_API void wolfSSL_CTX_SetX448KeyGenCb(WOLFSSL_CTX*, CallbackX448KeyGen); 02610 WOLFSSL_API void wolfSSL_SetX448KeyGenCtx(WOLFSSL* ssl, void *ctx); 02611 WOLFSSL_API void* wolfSSL_GetX448KeyGenCtx(WOLFSSL* ssl); 02612 02613 typedef int (*CallbackX448SharedSecret)(WOLFSSL* ssl, 02614 struct curve448_key* otherKey, 02615 unsigned char* pubKeyDer, unsigned int* pubKeySz, 02616 unsigned char* out, unsigned int* outlen, 02617 int side, void* ctx); 02618 /* side is WOLFSSL_CLIENT_END or WOLFSSL_SERVER_END */ 02619 WOLFSSL_API void wolfSSL_CTX_SetX448SharedSecretCb(WOLFSSL_CTX*, 02620 CallbackX448SharedSecret); 02621 WOLFSSL_API void wolfSSL_SetX448SharedSecretCtx(WOLFSSL* ssl, void *ctx); 02622 WOLFSSL_API void* wolfSSL_GetX448SharedSecretCtx(WOLFSSL* ssl); 02623 #endif 02624 02625 #ifndef NO_RSA 02626 typedef int (*CallbackRsaSign)(WOLFSSL* ssl, 02627 const unsigned char* in, unsigned int inSz, 02628 unsigned char* out, unsigned int* outSz, 02629 const unsigned char* keyDer, unsigned int keySz, 02630 void* ctx); 02631 WOLFSSL_API void wolfSSL_CTX_SetRsaSignCb(WOLFSSL_CTX*, CallbackRsaSign); 02632 WOLFSSL_API void wolfSSL_SetRsaSignCtx(WOLFSSL* ssl, void *ctx); 02633 WOLFSSL_API void* wolfSSL_GetRsaSignCtx(WOLFSSL* ssl); 02634 02635 typedef int (*CallbackRsaVerify)(WOLFSSL* ssl, 02636 unsigned char* sig, unsigned int sigSz, 02637 unsigned char** out, 02638 const unsigned char* keyDer, unsigned int keySz, 02639 void* ctx); 02640 WOLFSSL_API void wolfSSL_CTX_SetRsaVerifyCb(WOLFSSL_CTX*, CallbackRsaVerify); 02641 WOLFSSL_API void wolfSSL_CTX_SetRsaSignCheckCb(WOLFSSL_CTX*, CallbackRsaVerify); 02642 WOLFSSL_API void wolfSSL_SetRsaVerifyCtx(WOLFSSL* ssl, void *ctx); 02643 WOLFSSL_API void* wolfSSL_GetRsaVerifyCtx(WOLFSSL* ssl); 02644 02645 #ifdef WC_RSA_PSS 02646 typedef int (*CallbackRsaPssSign)(WOLFSSL* ssl, 02647 const unsigned char* in, unsigned int inSz, 02648 unsigned char* out, unsigned int* outSz, 02649 int hash, int mgf, 02650 const unsigned char* keyDer, unsigned int keySz, 02651 void* ctx); 02652 WOLFSSL_API void wolfSSL_CTX_SetRsaPssSignCb(WOLFSSL_CTX*, CallbackRsaPssSign); 02653 WOLFSSL_API void wolfSSL_SetRsaPssSignCtx(WOLFSSL* ssl, void *ctx); 02654 WOLFSSL_API void* wolfSSL_GetRsaPssSignCtx(WOLFSSL* ssl); 02655 02656 typedef int (*CallbackRsaPssVerify)(WOLFSSL* ssl, 02657 unsigned char* sig, unsigned int sigSz, 02658 unsigned char** out, 02659 int hash, int mgf, 02660 const unsigned char* keyDer, unsigned int keySz, 02661 void* ctx); 02662 WOLFSSL_API void wolfSSL_CTX_SetRsaPssVerifyCb(WOLFSSL_CTX*, 02663 CallbackRsaPssVerify); 02664 WOLFSSL_API void wolfSSL_CTX_SetRsaPssSignCheckCb(WOLFSSL_CTX*, 02665 CallbackRsaPssVerify); 02666 WOLFSSL_API void wolfSSL_SetRsaPssVerifyCtx(WOLFSSL* ssl, void *ctx); 02667 WOLFSSL_API void* wolfSSL_GetRsaPssVerifyCtx(WOLFSSL* ssl); 02668 #endif 02669 02670 /* RSA Public Encrypt cb */ 02671 typedef int (*CallbackRsaEnc)(WOLFSSL* ssl, 02672 const unsigned char* in, unsigned int inSz, 02673 unsigned char* out, unsigned int* outSz, 02674 const unsigned char* keyDer, unsigned int keySz, 02675 void* ctx); 02676 WOLFSSL_API void wolfSSL_CTX_SetRsaEncCb(WOLFSSL_CTX*, CallbackRsaEnc); 02677 WOLFSSL_API void wolfSSL_SetRsaEncCtx(WOLFSSL* ssl, void *ctx); 02678 WOLFSSL_API void* wolfSSL_GetRsaEncCtx(WOLFSSL* ssl); 02679 02680 /* RSA Private Decrypt cb */ 02681 typedef int (*CallbackRsaDec)(WOLFSSL* ssl, 02682 unsigned char* in, unsigned int inSz, 02683 unsigned char** out, 02684 const unsigned char* keyDer, unsigned int keySz, 02685 void* ctx); 02686 WOLFSSL_API void wolfSSL_CTX_SetRsaDecCb(WOLFSSL_CTX*, CallbackRsaDec); 02687 WOLFSSL_API void wolfSSL_SetRsaDecCtx(WOLFSSL* ssl, void *ctx); 02688 WOLFSSL_API void* wolfSSL_GetRsaDecCtx(WOLFSSL* ssl); 02689 #endif 02690 #endif /* HAVE_PK_CALLBACKS */ 02691 02692 #ifndef NO_CERTS 02693 WOLFSSL_API void wolfSSL_CTX_SetCACb(WOLFSSL_CTX*, CallbackCACache); 02694 02695 WOLFSSL_API WOLFSSL_CERT_MANAGER* wolfSSL_CTX_GetCertManager(WOLFSSL_CTX*); 02696 02697 WOLFSSL_API WOLFSSL_CERT_MANAGER* wolfSSL_CertManagerNew_ex(void* heap); 02698 WOLFSSL_API WOLFSSL_CERT_MANAGER* wolfSSL_CertManagerNew(void); 02699 WOLFSSL_API void wolfSSL_CertManagerFree(WOLFSSL_CERT_MANAGER*); 02700 02701 WOLFSSL_API int wolfSSL_CertManagerLoadCA(WOLFSSL_CERT_MANAGER*, const char* f, 02702 const char* d); 02703 WOLFSSL_API int wolfSSL_CertManagerLoadCABuffer(WOLFSSL_CERT_MANAGER*, 02704 const unsigned char* in, long sz, int format); 02705 WOLFSSL_API int wolfSSL_CertManagerUnloadCAs(WOLFSSL_CERT_MANAGER* cm); 02706 #ifdef WOLFSSL_TRUST_PEER_CERT 02707 WOLFSSL_API int wolfSSL_CertManagerUnload_trust_peers(WOLFSSL_CERT_MANAGER* cm); 02708 #endif 02709 WOLFSSL_API int wolfSSL_CertManagerVerify(WOLFSSL_CERT_MANAGER*, const char* f, 02710 int format); 02711 WOLFSSL_API int wolfSSL_CertManagerVerifyBuffer(WOLFSSL_CERT_MANAGER* cm, 02712 const unsigned char* buff, long sz, int format); 02713 WOLFSSL_API int wolfSSL_CertManagerCheckCRL(WOLFSSL_CERT_MANAGER*, 02714 unsigned char*, int sz); 02715 WOLFSSL_API int wolfSSL_CertManagerEnableCRL(WOLFSSL_CERT_MANAGER*, 02716 int options); 02717 WOLFSSL_API int wolfSSL_CertManagerDisableCRL(WOLFSSL_CERT_MANAGER*); 02718 WOLFSSL_API void wolfSSL_CertManagerSetVerify(WOLFSSL_CERT_MANAGER* cm, 02719 VerifyCallback vc); 02720 WOLFSSL_API int wolfSSL_CertManagerLoadCRL(WOLFSSL_CERT_MANAGER*, 02721 const char*, int, int); 02722 WOLFSSL_API int wolfSSL_CertManagerLoadCRLBuffer(WOLFSSL_CERT_MANAGER*, 02723 const unsigned char*, long sz, int); 02724 WOLFSSL_API int wolfSSL_CertManagerSetCRL_Cb(WOLFSSL_CERT_MANAGER*, 02725 CbMissingCRL); 02726 WOLFSSL_API int wolfSSL_CertManagerFreeCRL(WOLFSSL_CERT_MANAGER *); 02727 #ifdef HAVE_CRL_IO 02728 WOLFSSL_API int wolfSSL_CertManagerSetCRL_IOCb(WOLFSSL_CERT_MANAGER*, 02729 CbCrlIO); 02730 #endif 02731 #if defined(HAVE_OCSP) 02732 WOLFSSL_API int wolfSSL_CertManagerCheckOCSPResponse(WOLFSSL_CERT_MANAGER *, 02733 byte *response, int responseSz, WOLFSSL_BUFFER_INFO *responseBuffer, 02734 CertStatus *status, OcspEntry *entry, OcspRequest *ocspRequest); 02735 #endif 02736 WOLFSSL_API int wolfSSL_CertManagerCheckOCSP(WOLFSSL_CERT_MANAGER*, 02737 unsigned char*, int sz); 02738 WOLFSSL_API int wolfSSL_CertManagerEnableOCSP(WOLFSSL_CERT_MANAGER*, 02739 int options); 02740 WOLFSSL_API int wolfSSL_CertManagerDisableOCSP(WOLFSSL_CERT_MANAGER*); 02741 WOLFSSL_API int wolfSSL_CertManagerSetOCSPOverrideURL(WOLFSSL_CERT_MANAGER*, 02742 const char*); 02743 WOLFSSL_API int wolfSSL_CertManagerSetOCSP_Cb(WOLFSSL_CERT_MANAGER*, 02744 CbOCSPIO, CbOCSPRespFree, void*); 02745 02746 WOLFSSL_API int wolfSSL_CertManagerEnableOCSPStapling( 02747 WOLFSSL_CERT_MANAGER* cm); 02748 WOLFSSL_API int wolfSSL_CertManagerDisableOCSPStapling( 02749 WOLFSSL_CERT_MANAGER* cm); 02750 #if defined(OPENSSL_EXTRA) && defined(WOLFSSL_SIGNER_DER_CERT) && !defined(NO_FILESYSTEM) 02751 WOLFSSL_API WOLFSSL_STACK* wolfSSL_CertManagerGetCerts(WOLFSSL_CERT_MANAGER* cm); 02752 #endif 02753 WOLFSSL_API int wolfSSL_EnableCRL(WOLFSSL* ssl, int options); 02754 WOLFSSL_API int wolfSSL_DisableCRL(WOLFSSL* ssl); 02755 WOLFSSL_API int wolfSSL_LoadCRL(WOLFSSL*, const char*, int, int); 02756 WOLFSSL_API int wolfSSL_LoadCRLBuffer(WOLFSSL*, 02757 const unsigned char*, long sz, int); 02758 WOLFSSL_API int wolfSSL_SetCRL_Cb(WOLFSSL*, CbMissingCRL); 02759 #ifdef HAVE_CRL_IO 02760 WOLFSSL_API int wolfSSL_SetCRL_IOCb(WOLFSSL* ssl, CbCrlIO cb); 02761 #endif 02762 WOLFSSL_API int wolfSSL_EnableOCSP(WOLFSSL*, int options); 02763 WOLFSSL_API int wolfSSL_DisableOCSP(WOLFSSL*); 02764 WOLFSSL_API int wolfSSL_SetOCSP_OverrideURL(WOLFSSL*, const char*); 02765 WOLFSSL_API int wolfSSL_SetOCSP_Cb(WOLFSSL*, CbOCSPIO, CbOCSPRespFree, void*); 02766 WOLFSSL_API int wolfSSL_EnableOCSPStapling(WOLFSSL*); 02767 WOLFSSL_API int wolfSSL_DisableOCSPStapling(WOLFSSL*); 02768 02769 WOLFSSL_API int wolfSSL_CTX_EnableCRL(WOLFSSL_CTX* ctx, int options); 02770 WOLFSSL_API int wolfSSL_CTX_DisableCRL(WOLFSSL_CTX* ctx); 02771 WOLFSSL_API int wolfSSL_CTX_LoadCRL(WOLFSSL_CTX*, const char*, int, int); 02772 WOLFSSL_API int wolfSSL_CTX_LoadCRLBuffer(WOLFSSL_CTX*, 02773 const unsigned char*, long sz, int); 02774 WOLFSSL_API int wolfSSL_CTX_SetCRL_Cb(WOLFSSL_CTX*, CbMissingCRL); 02775 #ifdef HAVE_CRL_IO 02776 WOLFSSL_API int wolfSSL_CTX_SetCRL_IOCb(WOLFSSL_CTX*, CbCrlIO); 02777 #endif 02778 02779 WOLFSSL_API int wolfSSL_CTX_EnableOCSP(WOLFSSL_CTX*, int options); 02780 WOLFSSL_API int wolfSSL_CTX_DisableOCSP(WOLFSSL_CTX*); 02781 WOLFSSL_API int wolfSSL_CTX_SetOCSP_OverrideURL(WOLFSSL_CTX*, const char*); 02782 WOLFSSL_API int wolfSSL_CTX_SetOCSP_Cb(WOLFSSL_CTX*, 02783 CbOCSPIO, CbOCSPRespFree, void*); 02784 WOLFSSL_API int wolfSSL_CTX_EnableOCSPStapling(WOLFSSL_CTX*); 02785 WOLFSSL_API int wolfSSL_CTX_DisableOCSPStapling(WOLFSSL_CTX*); 02786 #endif /* !NO_CERTS */ 02787 02788 02789 #ifdef SINGLE_THREADED 02790 WOLFSSL_API int wolfSSL_CTX_new_rng(WOLFSSL_CTX*); 02791 #endif 02792 02793 /* end of handshake frees temporary arrays, if user needs for get_keys or 02794 psk hints, call KeepArrays before handshake and then FreeArrays when done 02795 if don't want to wait for object free */ 02796 WOLFSSL_API void wolfSSL_KeepArrays(WOLFSSL*); 02797 WOLFSSL_API void wolfSSL_FreeArrays(WOLFSSL*); 02798 02799 WOLFSSL_API int wolfSSL_KeepHandshakeResources(WOLFSSL* ssl); 02800 WOLFSSL_API int wolfSSL_FreeHandshakeResources(WOLFSSL* ssl); 02801 02802 WOLFSSL_API int wolfSSL_CTX_UseClientSuites(WOLFSSL_CTX* ctx); 02803 WOLFSSL_API int wolfSSL_UseClientSuites(WOLFSSL* ssl); 02804 02805 /* async additions */ 02806 #define wolfSSL_UseAsync wolfSSL_SetDevId 02807 #define wolfSSL_CTX_UseAsync wolfSSL_CTX_SetDevId 02808 WOLFSSL_ABI WOLFSSL_API int wolfSSL_SetDevId(WOLFSSL*, int devId); 02809 WOLFSSL_ABI WOLFSSL_API int wolfSSL_CTX_SetDevId(WOLFSSL_CTX*, int devId); 02810 02811 /* helpers to get device id and heap */ 02812 WOLFSSL_ABI WOLFSSL_API int wolfSSL_CTX_GetDevId(WOLFSSL_CTX*, WOLFSSL*); 02813 WOLFSSL_API void* wolfSSL_CTX_GetHeap(WOLFSSL_CTX* ctx, WOLFSSL* ssl); 02814 02815 /* TLS Extensions */ 02816 02817 /* Server Name Indication */ 02818 #ifdef HAVE_SNI 02819 02820 /* SNI types */ 02821 enum { 02822 WOLFSSL_SNI_HOST_NAME = 0 02823 }; 02824 02825 WOLFSSL_ABI WOLFSSL_API int wolfSSL_UseSNI(WOLFSSL*, unsigned char, 02826 const void*, unsigned short); 02827 WOLFSSL_ABI WOLFSSL_API int wolfSSL_CTX_UseSNI(WOLFSSL_CTX*, unsigned char, 02828 const void*, unsigned short); 02829 02830 #ifndef NO_WOLFSSL_SERVER 02831 02832 /* SNI options */ 02833 enum { 02834 /* Do not abort the handshake if the requested SNI didn't match. */ 02835 WOLFSSL_SNI_CONTINUE_ON_MISMATCH = 0x01, 02836 02837 /* Behave as if the requested SNI matched in a case of mismatch. */ 02838 /* In this case, the status will be set to WOLFSSL_SNI_FAKE_MATCH. */ 02839 WOLFSSL_SNI_ANSWER_ON_MISMATCH = 0x02, 02840 02841 /* Abort the handshake if the client didn't send a SNI request. */ 02842 WOLFSSL_SNI_ABORT_ON_ABSENCE = 0x04, 02843 }; 02844 02845 WOLFSSL_API void wolfSSL_SNI_SetOptions(WOLFSSL* ssl, unsigned char type, 02846 unsigned char options); 02847 WOLFSSL_API void wolfSSL_CTX_SNI_SetOptions(WOLFSSL_CTX* ctx, 02848 unsigned char type, unsigned char options); 02849 WOLFSSL_API int wolfSSL_SNI_GetFromBuffer( 02850 const unsigned char* clientHello, unsigned int helloSz, 02851 unsigned char type, unsigned char* sni, unsigned int* inOutSz); 02852 02853 #endif /* NO_WOLFSSL_SERVER */ 02854 02855 /* SNI status */ 02856 enum { 02857 WOLFSSL_SNI_NO_MATCH = 0, 02858 WOLFSSL_SNI_FAKE_MATCH = 1, /**< @see WOLFSSL_SNI_ANSWER_ON_MISMATCH */ 02859 WOLFSSL_SNI_REAL_MATCH = 2, 02860 WOLFSSL_SNI_FORCE_KEEP = 3 /** Used with -DWOLFSSL_ALWAYS_KEEP_SNI */ 02861 }; 02862 02863 WOLFSSL_API unsigned char wolfSSL_SNI_Status(WOLFSSL* ssl, unsigned char type); 02864 02865 WOLFSSL_API unsigned short wolfSSL_SNI_GetRequest(WOLFSSL *ssl, 02866 unsigned char type, void** data); 02867 02868 #endif /* HAVE_SNI */ 02869 02870 /* Trusted CA Key Indication - RFC 6066 (Section 6) */ 02871 #ifdef HAVE_TRUSTED_CA 02872 02873 /* TCA Identifier Type */ 02874 enum { 02875 WOLFSSL_TRUSTED_CA_PRE_AGREED = 0, 02876 WOLFSSL_TRUSTED_CA_KEY_SHA1 = 1, 02877 WOLFSSL_TRUSTED_CA_X509_NAME = 2, 02878 WOLFSSL_TRUSTED_CA_CERT_SHA1 = 3 02879 }; 02880 02881 WOLFSSL_API int wolfSSL_UseTrustedCA(WOLFSSL* ssl, unsigned char type, 02882 const unsigned char* certId, unsigned int certIdSz); 02883 #endif /* HAVE_TRUSTED_CA */ 02884 02885 /* Application-Layer Protocol Negotiation */ 02886 #ifdef HAVE_ALPN 02887 02888 /* ALPN status code */ 02889 enum { 02890 WOLFSSL_ALPN_NO_MATCH = 0, 02891 WOLFSSL_ALPN_MATCH = 1, 02892 WOLFSSL_ALPN_CONTINUE_ON_MISMATCH = 2, 02893 WOLFSSL_ALPN_FAILED_ON_MISMATCH = 4, 02894 }; 02895 02896 enum { 02897 WOLFSSL_MAX_ALPN_PROTO_NAME_LEN = 255, 02898 WOLFSSL_MAX_ALPN_NUMBER = 257 02899 }; 02900 02901 #if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) 02902 typedef int (*CallbackALPNSelect)(WOLFSSL* ssl, const unsigned char** out, 02903 unsigned char* outLen, const unsigned char* in, unsigned int inLen, 02904 void *arg); 02905 #endif 02906 02907 WOLFSSL_ABI WOLFSSL_API int wolfSSL_UseALPN(WOLFSSL* ssl, 02908 char *protocol_name_list, 02909 unsigned int protocol_name_listSz, 02910 unsigned char options); 02911 02912 WOLFSSL_API int wolfSSL_ALPN_GetProtocol(WOLFSSL* ssl, char **protocol_name, 02913 unsigned short *size); 02914 02915 WOLFSSL_API int wolfSSL_ALPN_GetPeerProtocol(WOLFSSL* ssl, char **list, 02916 unsigned short *listSz); 02917 WOLFSSL_API int wolfSSL_ALPN_FreePeerProtocol(WOLFSSL* ssl, char **list); 02918 #endif /* HAVE_ALPN */ 02919 02920 /* Maximum Fragment Length */ 02921 #ifdef HAVE_MAX_FRAGMENT 02922 02923 /* Fragment lengths */ 02924 enum { 02925 WOLFSSL_MFL_2_9 = 1, /* 512 bytes */ 02926 WOLFSSL_MFL_2_10 = 2, /* 1024 bytes */ 02927 WOLFSSL_MFL_2_11 = 3, /* 2048 bytes */ 02928 WOLFSSL_MFL_2_12 = 4, /* 4096 bytes */ 02929 WOLFSSL_MFL_2_13 = 5, /* 8192 bytes *//* wolfSSL ONLY!!! */ 02930 WOLFSSL_MFL_2_8 = 6, /* 256 bytes *//* wolfSSL ONLY!!! */ 02931 WOLFSSL_MFL_MIN = WOLFSSL_MFL_2_9, 02932 WOLFSSL_MFL_MAX = WOLFSSL_MFL_2_8, 02933 }; 02934 02935 #ifndef NO_WOLFSSL_CLIENT 02936 02937 WOLFSSL_API int wolfSSL_UseMaxFragment(WOLFSSL* ssl, unsigned char mfl); 02938 WOLFSSL_API int wolfSSL_CTX_UseMaxFragment(WOLFSSL_CTX* ctx, unsigned char mfl); 02939 02940 #endif 02941 #endif /* HAVE_MAX_FRAGMENT */ 02942 02943 /* Truncated HMAC */ 02944 #ifdef HAVE_TRUNCATED_HMAC 02945 #ifndef NO_WOLFSSL_CLIENT 02946 02947 WOLFSSL_API int wolfSSL_UseTruncatedHMAC(WOLFSSL* ssl); 02948 WOLFSSL_API int wolfSSL_CTX_UseTruncatedHMAC(WOLFSSL_CTX* ctx); 02949 02950 #endif 02951 #endif 02952 02953 /* Certificate Status Request */ 02954 /* Certificate Status Type */ 02955 enum { 02956 WOLFSSL_CSR_OCSP = 1 02957 }; 02958 02959 /* Certificate Status Options (flags) */ 02960 enum { 02961 WOLFSSL_CSR_OCSP_USE_NONCE = 0x01 02962 }; 02963 02964 #ifdef HAVE_CERTIFICATE_STATUS_REQUEST 02965 #ifndef NO_WOLFSSL_CLIENT 02966 02967 WOLFSSL_API int wolfSSL_UseOCSPStapling(WOLFSSL* ssl, 02968 unsigned char status_type, unsigned char options); 02969 02970 WOLFSSL_API int wolfSSL_CTX_UseOCSPStapling(WOLFSSL_CTX* ctx, 02971 unsigned char status_type, unsigned char options); 02972 02973 #endif 02974 #endif 02975 02976 /* Certificate Status Request v2 */ 02977 /* Certificate Status Type */ 02978 enum { 02979 WOLFSSL_CSR2_OCSP = 1, 02980 WOLFSSL_CSR2_OCSP_MULTI = 2 02981 }; 02982 02983 /* Certificate Status v2 Options (flags) */ 02984 enum { 02985 WOLFSSL_CSR2_OCSP_USE_NONCE = 0x01 02986 }; 02987 02988 #ifdef HAVE_CERTIFICATE_STATUS_REQUEST_V2 02989 #ifndef NO_WOLFSSL_CLIENT 02990 02991 WOLFSSL_API int wolfSSL_UseOCSPStaplingV2(WOLFSSL* ssl, 02992 unsigned char status_type, unsigned char options); 02993 02994 WOLFSSL_API int wolfSSL_CTX_UseOCSPStaplingV2(WOLFSSL_CTX* ctx, 02995 unsigned char status_type, unsigned char options); 02996 02997 #endif 02998 #endif 02999 03000 /* Named Groups */ 03001 enum { 03002 #if 0 /* Not Supported */ 03003 WOLFSSL_ECC_SECT163K1 = 1, 03004 WOLFSSL_ECC_SECT163R1 = 2, 03005 WOLFSSL_ECC_SECT163R2 = 3, 03006 WOLFSSL_ECC_SECT193R1 = 4, 03007 WOLFSSL_ECC_SECT193R2 = 5, 03008 WOLFSSL_ECC_SECT233K1 = 6, 03009 WOLFSSL_ECC_SECT233R1 = 7, 03010 WOLFSSL_ECC_SECT239K1 = 8, 03011 WOLFSSL_ECC_SECT283K1 = 9, 03012 WOLFSSL_ECC_SECT283R1 = 10, 03013 WOLFSSL_ECC_SECT409K1 = 11, 03014 WOLFSSL_ECC_SECT409R1 = 12, 03015 WOLFSSL_ECC_SECT571K1 = 13, 03016 WOLFSSL_ECC_SECT571R1 = 14, 03017 #endif 03018 WOLFSSL_ECC_SECP160K1 = 15, 03019 WOLFSSL_ECC_SECP160R1 = 16, 03020 WOLFSSL_ECC_SECP160R2 = 17, 03021 WOLFSSL_ECC_SECP192K1 = 18, 03022 WOLFSSL_ECC_SECP192R1 = 19, 03023 WOLFSSL_ECC_SECP224K1 = 20, 03024 WOLFSSL_ECC_SECP224R1 = 21, 03025 WOLFSSL_ECC_SECP256K1 = 22, 03026 WOLFSSL_ECC_SECP256R1 = 23, 03027 WOLFSSL_ECC_SECP384R1 = 24, 03028 WOLFSSL_ECC_SECP521R1 = 25, 03029 WOLFSSL_ECC_BRAINPOOLP256R1 = 26, 03030 WOLFSSL_ECC_BRAINPOOLP384R1 = 27, 03031 WOLFSSL_ECC_BRAINPOOLP512R1 = 28, 03032 WOLFSSL_ECC_X25519 = 29, 03033 WOLFSSL_ECC_X448 = 30, 03034 03035 WOLFSSL_FFDHE_2048 = 256, 03036 WOLFSSL_FFDHE_3072 = 257, 03037 WOLFSSL_FFDHE_4096 = 258, 03038 WOLFSSL_FFDHE_6144 = 259, 03039 WOLFSSL_FFDHE_8192 = 260, 03040 }; 03041 03042 enum { 03043 WOLFSSL_EC_PF_UNCOMPRESSED = 0, 03044 #if 0 /* Not Supported */ 03045 WOLFSSL_EC_PF_X962_COMP_PRIME = 1, 03046 WOLFSSL_EC_PF_X962_COMP_CHAR2 = 2, 03047 #endif 03048 }; 03049 03050 #ifdef HAVE_SUPPORTED_CURVES 03051 #ifndef NO_WOLFSSL_CLIENT 03052 03053 WOLFSSL_API int wolfSSL_UseSupportedCurve(WOLFSSL* ssl, word16 name); 03054 WOLFSSL_API int wolfSSL_CTX_UseSupportedCurve(WOLFSSL_CTX* ctx, 03055 word16 name); 03056 03057 #endif 03058 #endif 03059 03060 #ifdef WOLFSSL_TLS13 03061 WOLFSSL_API int wolfSSL_UseKeyShare(WOLFSSL* ssl, word16 group); 03062 WOLFSSL_API int wolfSSL_NoKeyShares(WOLFSSL* ssl); 03063 #endif 03064 03065 03066 /* Secure Renegotiation */ 03067 #ifdef HAVE_SECURE_RENEGOTIATION 03068 03069 WOLFSSL_API int wolfSSL_UseSecureRenegotiation(WOLFSSL* ssl); 03070 WOLFSSL_API int wolfSSL_CTX_UseSecureRenegotiation(WOLFSSL_CTX* ctx); 03071 WOLFSSL_API int wolfSSL_StartSecureRenegotiation(WOLFSSL* ssl, int resume); 03072 WOLFSSL_API int wolfSSL_Rehandshake(WOLFSSL* ssl); 03073 WOLFSSL_API int wolfSSL_SecureResume(WOLFSSL* ssl); 03074 WOLFSSL_API long wolfSSL_SSL_get_secure_renegotiation_support(WOLFSSL* ssl); 03075 03076 #endif 03077 03078 /* Session Ticket */ 03079 #ifdef HAVE_SESSION_TICKET 03080 03081 #ifndef NO_WOLFSSL_CLIENT 03082 WOLFSSL_API int wolfSSL_UseSessionTicket(WOLFSSL* ssl); 03083 WOLFSSL_API int wolfSSL_CTX_UseSessionTicket(WOLFSSL_CTX* ctx); 03084 WOLFSSL_API int wolfSSL_get_SessionTicket(WOLFSSL*, unsigned char*, word32*); 03085 WOLFSSL_API int wolfSSL_set_SessionTicket(WOLFSSL*, const unsigned char*, word32); 03086 typedef int (*CallbackSessionTicket)(WOLFSSL*, const unsigned char*, int, void*); 03087 WOLFSSL_API int wolfSSL_set_SessionTicket_cb(WOLFSSL*, 03088 CallbackSessionTicket, void*); 03089 #endif /* NO_WOLFSSL_CLIENT */ 03090 03091 03092 #define WOLFSSL_TICKET_NAME_SZ 16 03093 #define WOLFSSL_TICKET_IV_SZ 16 03094 #define WOLFSSL_TICKET_MAC_SZ 32 03095 03096 enum TicketEncRet { 03097 WOLFSSL_TICKET_RET_FATAL = -1, /* fatal error, don't use ticket */ 03098 WOLFSSL_TICKET_RET_OK = 0, /* ok, use ticket */ 03099 WOLFSSL_TICKET_RET_REJECT, /* don't use ticket, but not fatal */ 03100 WOLFSSL_TICKET_RET_CREATE /* existing ticket ok and create new one */ 03101 }; 03102 03103 #ifndef NO_WOLFSSL_SERVER 03104 03105 typedef int (*SessionTicketEncCb)(WOLFSSL*, 03106 unsigned char key_name[WOLFSSL_TICKET_NAME_SZ], 03107 unsigned char iv[WOLFSSL_TICKET_IV_SZ], 03108 unsigned char mac[WOLFSSL_TICKET_MAC_SZ], 03109 int enc, unsigned char*, int, int*, void*); 03110 WOLFSSL_API int wolfSSL_CTX_set_TicketEncCb(WOLFSSL_CTX* ctx, 03111 SessionTicketEncCb); 03112 WOLFSSL_API int wolfSSL_CTX_set_TicketHint(WOLFSSL_CTX* ctx, int); 03113 WOLFSSL_API int wolfSSL_CTX_set_TicketEncCtx(WOLFSSL_CTX* ctx, void*); 03114 03115 #endif /* NO_WOLFSSL_SERVER */ 03116 03117 #endif /* HAVE_SESSION_TICKET */ 03118 03119 #ifdef HAVE_QSH 03120 /* Quantum-safe Crypto Schemes */ 03121 enum { 03122 WOLFSSL_NTRU_EESS439 = 0x0101, /* max plaintext length of 65 */ 03123 WOLFSSL_NTRU_EESS593 = 0x0102, /* max plaintext length of 86 */ 03124 WOLFSSL_NTRU_EESS743 = 0x0103, /* max plaintext length of 106 */ 03125 WOLFSSL_LWE_XXX = 0x0201, /* Learning With Error encryption scheme */ 03126 WOLFSSL_HFE_XXX = 0x0301, /* Hidden Field Equation scheme */ 03127 WOLFSSL_NULL_QSH = 0xFFFF /* QSHScheme is not used */ 03128 }; 03129 03130 03131 /* test if the connection is using a QSH secure connection return 1 if so */ 03132 WOLFSSL_API int wolfSSL_isQSH(WOLFSSL* ssl); 03133 WOLFSSL_API int wolfSSL_UseSupportedQSH(WOLFSSL* ssl, unsigned short name); 03134 #ifndef NO_WOLFSSL_CLIENT 03135 /* user control over sending client public key in hello 03136 when flag = 1 will send keys if flag is 0 or function is not called 03137 then will not send keys in the hello extension */ 03138 WOLFSSL_API int wolfSSL_UseClientQSHKeys(WOLFSSL* ssl, unsigned char flag); 03139 #endif 03140 03141 #endif /* QSH */ 03142 03143 /* TLS Extended Master Secret Extension */ 03144 WOLFSSL_API int wolfSSL_DisableExtendedMasterSecret(WOLFSSL* ssl); 03145 WOLFSSL_API int wolfSSL_CTX_DisableExtendedMasterSecret(WOLFSSL_CTX* ctx); 03146 03147 03148 #define WOLFSSL_CRL_MONITOR 0x01 /* monitor this dir flag */ 03149 #define WOLFSSL_CRL_START_MON 0x02 /* start monitoring flag */ 03150 03151 03152 /* notify user the handshake is done */ 03153 typedef int (*HandShakeDoneCb)(WOLFSSL*, void*); 03154 WOLFSSL_API int wolfSSL_SetHsDoneCb(WOLFSSL*, HandShakeDoneCb, void*); 03155 03156 03157 WOLFSSL_API int wolfSSL_PrintSessionStats(void); 03158 WOLFSSL_API int wolfSSL_get_session_stats(unsigned int* active, 03159 unsigned int* total, 03160 unsigned int* peak, 03161 unsigned int* maxSessions); 03162 /* External facing KDF */ 03163 WOLFSSL_API 03164 int wolfSSL_MakeTlsMasterSecret(unsigned char* ms, word32 msLen, 03165 const unsigned char* pms, word32 pmsLen, 03166 const unsigned char* cr, const unsigned char* sr, 03167 int tls1_2, int hash_type); 03168 03169 WOLFSSL_API 03170 int wolfSSL_MakeTlsExtendedMasterSecret(unsigned char* ms, word32 msLen, 03171 const unsigned char* pms, word32 pmsLen, 03172 const unsigned char* sHash, word32 sHashLen, 03173 int tls1_2, int hash_type); 03174 03175 WOLFSSL_API 03176 int wolfSSL_DeriveTlsKeys(unsigned char* key_data, word32 keyLen, 03177 const unsigned char* ms, word32 msLen, 03178 const unsigned char* sr, const unsigned char* cr, 03179 int tls1_2, int hash_type); 03180 03181 #ifdef WOLFSSL_CALLBACKS 03182 03183 typedef int (*HandShakeCallBack)(HandShakeInfo*); 03184 typedef int (*TimeoutCallBack)(TimeoutInfo*); 03185 03186 /* wolfSSL connect extension allowing HandShakeCallBack and/or TimeoutCallBack 03187 for diagnostics */ 03188 WOLFSSL_API int wolfSSL_connect_ex(WOLFSSL*, HandShakeCallBack, TimeoutCallBack, 03189 WOLFSSL_TIMEVAL); 03190 WOLFSSL_API int wolfSSL_accept_ex(WOLFSSL*, HandShakeCallBack, TimeoutCallBack, 03191 WOLFSSL_TIMEVAL); 03192 03193 #endif /* WOLFSSL_CALLBACKS */ 03194 03195 03196 #ifdef WOLFSSL_HAVE_WOLFSCEP 03197 WOLFSSL_API void wolfSSL_wolfSCEP(void); 03198 #endif /* WOLFSSL_HAVE_WOLFSCEP */ 03199 03200 #ifdef WOLFSSL_HAVE_CERT_SERVICE 03201 WOLFSSL_API void wolfSSL_cert_service(void); 03202 #endif 03203 03204 #if defined(OPENSSL_ALL) || defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) 03205 /* Smaller subset of X509 compatibility functions. Avoid increasing the size of 03206 * this subset and its memory usage */ 03207 03208 #include <wolfssl/openssl/asn1.h> 03209 struct WOLFSSL_X509_NAME_ENTRY { 03210 WOLFSSL_ASN1_OBJECT object; /* static object just for keeping grp, type */ 03211 WOLFSSL_ASN1_STRING data; 03212 WOLFSSL_ASN1_STRING* value; /* points to data, for lighttpd port */ 03213 int nid; /* i.e. ASN_COMMON_NAME */ 03214 int set; 03215 int size; 03216 }; 03217 03218 WOLFSSL_API int wolfSSL_X509_NAME_get_index_by_OBJ(WOLFSSL_X509_NAME *name, 03219 const WOLFSSL_ASN1_OBJECT *obj, 03220 int idx); 03221 03222 #endif /* OPENSSL_ALL || OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */ 03223 03224 03225 #if defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL) 03226 03227 enum { 03228 WOLFSSL_SYS_ACCEPT = 0, 03229 WOLFSSL_SYS_BIND, 03230 WOLFSSL_SYS_CONNECT, 03231 WOLFSSL_SYS_FOPEN, 03232 WOLFSSL_SYS_FREAD, 03233 WOLFSSL_SYS_GETADDRINFO, 03234 WOLFSSL_SYS_GETSOCKOPT, 03235 WOLFSSL_SYS_GETSOCKNAME, 03236 WOLFSSL_SYS_GETHOSTBYNAME, 03237 WOLFSSL_SYS_GETNAMEINFO, 03238 WOLFSSL_SYS_GETSERVBYNAME, 03239 WOLFSSL_SYS_IOCTLSOCKET, 03240 WOLFSSL_SYS_LISTEN, 03241 WOLFSSL_SYS_OPENDIR, 03242 WOLFSSL_SYS_SETSOCKOPT, 03243 WOLFSSL_SYS_SOCKET 03244 }; 03245 03246 /* Object functions */ 03247 WOLFSSL_API const char* wolfSSL_OBJ_nid2sn(int n); 03248 WOLFSSL_API int wolfSSL_OBJ_obj2nid(const WOLFSSL_ASN1_OBJECT *o); 03249 WOLFSSL_API int wolfSSL_OBJ_get_type(const WOLFSSL_ASN1_OBJECT *o); 03250 WOLFSSL_API int wolfSSL_OBJ_sn2nid(const char *sn); 03251 03252 WOLFSSL_API const char* wolfSSL_OBJ_nid2ln(int n); 03253 WOLFSSL_API int wolfSSL_OBJ_ln2nid(const char *ln); 03254 WOLFSSL_API int wolfSSL_OBJ_cmp(const WOLFSSL_ASN1_OBJECT* a, 03255 const WOLFSSL_ASN1_OBJECT* b); 03256 WOLFSSL_API int wolfSSL_OBJ_txt2nid(const char *sn); 03257 WOLFSSL_API WOLFSSL_ASN1_OBJECT* wolfSSL_OBJ_txt2obj(const char* s, int no_name); 03258 03259 WOLFSSL_API WOLFSSL_ASN1_OBJECT* wolfSSL_OBJ_nid2obj(int n); 03260 WOLFSSL_LOCAL WOLFSSL_ASN1_OBJECT* wolfSSL_OBJ_nid2obj_ex(int n, WOLFSSL_ASN1_OBJECT *arg_obj); 03261 WOLFSSL_API int wolfSSL_OBJ_obj2txt(char *buf, int buf_len, WOLFSSL_ASN1_OBJECT *a, int no_name); 03262 03263 WOLFSSL_API void wolfSSL_OBJ_cleanup(void); 03264 WOLFSSL_API int wolfSSL_OBJ_create(const char *oid, const char *sn, const char *ln); 03265 #ifdef HAVE_ECC 03266 WOLFSSL_LOCAL int NIDToEccEnum(int n); 03267 #endif 03268 /* end of object functions */ 03269 03270 WOLFSSL_API unsigned long wolfSSL_ERR_peek_last_error_line(const char **file, int *line); 03271 WOLFSSL_API long wolfSSL_ctrl(WOLFSSL* ssl, int cmd, long opt, void* pt); 03272 WOLFSSL_API long wolfSSL_CTX_ctrl(WOLFSSL_CTX* ctx, int cmd, long opt,void* pt); 03273 WOLFSSL_API long wolfSSL_CTX_callback_ctrl(WOLFSSL_CTX* ctx, int cmd, void (*fp)(void)); 03274 WOLFSSL_API long wolfSSL_CTX_clear_extra_chain_certs(WOLFSSL_CTX* ctx); 03275 03276 #ifndef NO_CERTS 03277 WOLFSSL_API WOLFSSL_X509_NAME_ENTRY* wolfSSL_X509_NAME_ENTRY_create_by_NID( 03278 WOLFSSL_X509_NAME_ENTRY** out, int nid, int type, 03279 const unsigned char* data, int dataSz); 03280 WOLFSSL_API WOLFSSL_X509_NAME_ENTRY* wolfSSL_X509_NAME_ENTRY_create_by_txt( 03281 WOLFSSL_X509_NAME_ENTRY **neIn, const char *txt, int format, 03282 const unsigned char *data, int dataSz); 03283 WOLFSSL_API int wolfSSL_X509_NAME_add_entry(WOLFSSL_X509_NAME* name, 03284 WOLFSSL_X509_NAME_ENTRY* entry, int idx, int set); 03285 WOLFSSL_API int wolfSSL_X509_NAME_add_entry_by_txt(WOLFSSL_X509_NAME *name, 03286 const char *field, int type, const unsigned char *bytes, int len, int loc, 03287 int set); 03288 WOLFSSL_API int wolfSSL_X509_NAME_add_entry_by_NID(WOLFSSL_X509_NAME *name, int nid, 03289 int type, const unsigned char *bytes, 03290 int len, int loc, int set); 03291 WOLFSSL_API int wolfSSL_X509_NAME_cmp(const WOLFSSL_X509_NAME* x, 03292 const WOLFSSL_X509_NAME* y); 03293 WOLFSSL_API WOLFSSL_X509_NAME* wolfSSL_X509_NAME_new(void); 03294 WOLFSSL_API WOLFSSL_X509* wolfSSL_X509_dup(WOLFSSL_X509*); 03295 WOLFSSL_API WOLFSSL_X509_NAME* wolfSSL_X509_NAME_dup(WOLFSSL_X509_NAME*); 03296 WOLFSSL_API int wolfSSL_check_private_key(const WOLFSSL* ssl); 03297 WOLFSSL_API void* wolfSSL_X509_get_ext_d2i(const WOLFSSL_X509* x509, 03298 int nid, int* c, int* idx); 03299 WOLFSSL_API int wolfSSL_X509_get_ext_count(const WOLFSSL_X509* passedCert); 03300 WOLFSSL_API int wolfSSL_X509_get_ext_by_NID(const WOLFSSL_X509 *x, int nid, int lastpos); 03301 WOLFSSL_API int wolfSSL_X509_add_ext(WOLFSSL_X509 *x, WOLFSSL_X509_EXTENSION *ex, int loc); 03302 WOLFSSL_API WOLFSSL_X509_EXTENSION* wolfSSL_X509V3_EXT_conf_nid( 03303 WOLF_LHASH_OF(CONF_VALUE)* conf, WOLFSSL_X509V3_CTX* ctx, int nid, 03304 char* value); 03305 WOLFSSL_API void wolfSSL_X509V3_set_ctx(WOLFSSL_X509V3_CTX* ctx, 03306 WOLFSSL_X509* issuer, WOLFSSL_X509* subject, WOLFSSL_X509* req, 03307 WOLFSSL_X509_CRL* crl, int flag); 03308 WOLFSSL_API void wolfSSL_X509V3_set_ctx_nodb(WOLFSSL_X509V3_CTX* ctx); 03309 WOLFSSL_API int wolfSSL_X509_digest(const WOLFSSL_X509* x509, 03310 const WOLFSSL_EVP_MD* digest, unsigned char* buf, unsigned int* len); 03311 WOLFSSL_API int wolfSSL_use_certificate(WOLFSSL* ssl, WOLFSSL_X509* x509); 03312 WOLFSSL_API int wolfSSL_use_PrivateKey(WOLFSSL* ssl, WOLFSSL_EVP_PKEY* pkey); 03313 WOLFSSL_API int wolfSSL_use_PrivateKey_ASN1(int pri, WOLFSSL* ssl, 03314 const unsigned char* der, long derSz); 03315 WOLFSSL_API WOLFSSL_EVP_PKEY *wolfSSL_get_privatekey(const WOLFSSL *ssl); 03316 #ifndef NO_RSA 03317 WOLFSSL_API int wolfSSL_use_RSAPrivateKey_ASN1(WOLFSSL* ssl, unsigned char* der, 03318 long derSz); 03319 #endif 03320 WOLFSSL_API int wolfSSL_CTX_use_PrivateKey_ASN1(int pri, WOLFSSL_CTX* ctx, 03321 unsigned char* der, long derSz); 03322 03323 #if defined(WOLFSSL_QT) || defined(OPENSSL_ALL) 03324 WOLFSSL_API int wolfSSL_X509_cmp(const WOLFSSL_X509* a, const WOLFSSL_X509* b); 03325 WOLFSSL_API WOLFSSL_X509_EXTENSION* wolfSSL_X509_get_ext(const WOLFSSL_X509* x, int loc); 03326 WOLFSSL_API WOLFSSL_X509_EXTENSION* wolfSSL_X509_set_ext(WOLFSSL_X509* x, int loc); 03327 WOLFSSL_API int wolfSSL_X509_EXTENSION_get_critical(const WOLFSSL_X509_EXTENSION* ex); 03328 WOLFSSL_API WOLFSSL_X509_EXTENSION* wolfSSL_X509_EXTENSION_new(void); 03329 WOLFSSL_API int wolfSSL_sk_X509_EXTENSION_push(WOLFSSL_STACK* sk, 03330 WOLFSSL_X509_EXTENSION* ext); 03331 WOLFSSL_API void wolfSSL_sk_X509_EXTENSION_free(WOLFSSL_STACK* sk); 03332 WOLFSSL_API void wolfSSL_X509_EXTENSION_free(WOLFSSL_X509_EXTENSION* ext_to_free); 03333 WOLFSSL_API WOLFSSL_STACK* wolfSSL_sk_new_x509_ext(void); 03334 #endif 03335 03336 WOLFSSL_API WOLFSSL_ASN1_OBJECT* wolfSSL_X509_EXTENSION_get_object(WOLFSSL_X509_EXTENSION* ext); 03337 WOLFSSL_API WOLFSSL_ASN1_STRING* wolfSSL_X509_EXTENSION_get_data(WOLFSSL_X509_EXTENSION* ext); 03338 #endif /* NO_CERTS */ 03339 03340 WOLFSSL_API WOLFSSL_DH *wolfSSL_DSA_dup_DH(const WOLFSSL_DSA *r); 03341 03342 WOLFSSL_API int wolfSSL_SESSION_get_master_key(const WOLFSSL_SESSION* ses, 03343 unsigned char* out, int outSz); 03344 WOLFSSL_API int wolfSSL_SESSION_get_master_key_length(const WOLFSSL_SESSION* ses); 03345 03346 WOLFSSL_API void wolfSSL_CTX_set_cert_store(WOLFSSL_CTX* ctx, 03347 WOLFSSL_X509_STORE* str); 03348 WOLFSSL_API int wolfSSL_i2d_X509_bio(WOLFSSL_BIO* bio, WOLFSSL_X509* x509); 03349 #if !defined(NO_FILESYSTEM) 03350 WOLFSSL_API WOLFSSL_X509* wolfSSL_d2i_X509_fp(XFILE fp, 03351 WOLFSSL_X509** x509); 03352 WOLFSSL_API WOLFSSL_STACK* wolfSSL_X509_STORE_GetCerts(WOLFSSL_X509_STORE_CTX* s); 03353 #endif 03354 WOLFSSL_API WOLFSSL_X509* wolfSSL_d2i_X509_bio(WOLFSSL_BIO* bio, 03355 WOLFSSL_X509** x509); 03356 WOLFSSL_API WOLFSSL_X509_STORE* wolfSSL_CTX_get_cert_store(WOLFSSL_CTX* ctx); 03357 03358 WOLFSSL_API size_t wolfSSL_BIO_wpending(const WOLFSSL_BIO *bio); 03359 WOLFSSL_API size_t wolfSSL_BIO_ctrl_pending(WOLFSSL_BIO *b); 03360 03361 WOLFSSL_API size_t wolfSSL_get_server_random(const WOLFSSL *ssl, 03362 unsigned char *out, size_t outlen); 03363 WOLFSSL_API int wolfSSL_get_server_tmp_key(const WOLFSSL*, WOLFSSL_EVP_PKEY**); 03364 03365 WOLFSSL_API int wolfSSL_CTX_set_min_proto_version(WOLFSSL_CTX*, int); 03366 WOLFSSL_API int wolfSSL_CTX_set_max_proto_version(WOLFSSL_CTX*, int); 03367 03368 WOLFSSL_API size_t wolfSSL_get_client_random(const WOLFSSL* ssl, 03369 unsigned char* out, size_t outSz); 03370 WOLFSSL_API int wolfSSL_CTX_use_PrivateKey(WOLFSSL_CTX *ctx, WOLFSSL_EVP_PKEY *pkey); 03371 WOLFSSL_API WOLFSSL_X509 *wolfSSL_PEM_read_bio_X509(WOLFSSL_BIO *bp, WOLFSSL_X509 **x, pem_password_cb *cb, void *u); 03372 WOLFSSL_API WOLFSSL_X509_CRL *wolfSSL_PEM_read_bio_X509_CRL(WOLFSSL_BIO *bp, 03373 WOLFSSL_X509_CRL **x, pem_password_cb *cb, void *u); 03374 WOLFSSL_API WOLFSSL_X509 *wolfSSL_PEM_read_bio_X509_AUX 03375 (WOLFSSL_BIO *bp, WOLFSSL_X509 **x, pem_password_cb *cb, void *u); 03376 WOLFSSL_API WOLF_STACK_OF(WOLFSSL_X509_INFO)* wolfSSL_PEM_X509_INFO_read_bio( 03377 WOLFSSL_BIO* bio, WOLF_STACK_OF(WOLFSSL_X509_INFO)* sk, 03378 pem_password_cb* cb, void* u); 03379 #ifndef NO_FILESYSTEM 03380 WOLFSSL_API WOLFSSL_X509_CRL *wolfSSL_PEM_read_X509_CRL(XFILE fp, 03381 WOLFSSL_X509_CRL **x, pem_password_cb *cb, void *u); 03382 #endif 03383 WOLFSSL_API int wolfSSL_PEM_get_EVP_CIPHER_INFO(char* header, 03384 EncryptedInfo* cipher); 03385 WOLFSSL_API int wolfSSL_PEM_do_header(EncryptedInfo* cipher, 03386 unsigned char* data, long* len, 03387 pem_password_cb* callback, void* ctx); 03388 03389 /*lighttp compatibility */ 03390 03391 struct WOLFSSL_ASN1_BIT_STRING { 03392 int length; 03393 int type; 03394 byte* data; 03395 long flags; 03396 }; 03397 03398 03399 #if defined(OPENSSL_EXTRA) \ 03400 || defined(OPENSSL_ALL) \ 03401 || defined(HAVE_LIGHTY) \ 03402 || defined(WOLFSSL_MYSQL_COMPATIBLE) \ 03403 || defined(HAVE_STUNNEL) \ 03404 || defined(WOLFSSL_NGINX) \ 03405 || defined(WOLFSSL_HAPROXY) 03406 WOLFSSL_API void wolfSSL_X509_NAME_ENTRY_free(WOLFSSL_X509_NAME_ENTRY* ne); 03407 WOLFSSL_API WOLFSSL_X509_NAME_ENTRY* wolfSSL_X509_NAME_ENTRY_new(void); 03408 WOLFSSL_API void wolfSSL_X509_NAME_free(WOLFSSL_X509_NAME* name); 03409 WOLFSSL_API char wolfSSL_CTX_use_certificate(WOLFSSL_CTX*, WOLFSSL_X509*); 03410 WOLFSSL_API int wolfSSL_CTX_add1_chain_cert(WOLFSSL_CTX*, WOLFSSL_X509*); 03411 WOLFSSL_API int wolfSSL_BIO_read_filename(WOLFSSL_BIO *b, const char *name); 03412 /* These are to be merged shortly */ 03413 WOLFSSL_API void wolfSSL_set_verify_depth(WOLFSSL *ssl,int depth); 03414 WOLFSSL_API void* wolfSSL_get_app_data( const WOLFSSL *ssl); 03415 WOLFSSL_API int wolfSSL_set_app_data(WOLFSSL *ssl, void *arg); 03416 WOLFSSL_API WOLFSSL_ASN1_OBJECT * wolfSSL_X509_NAME_ENTRY_get_object(WOLFSSL_X509_NAME_ENTRY *ne); 03417 WOLFSSL_API WOLFSSL_X509_NAME_ENTRY *wolfSSL_X509_NAME_get_entry(WOLFSSL_X509_NAME *name, int loc); 03418 WOLFSSL_API unsigned char *wolfSSL_SHA1(const unsigned char *d, size_t n, unsigned char *md); 03419 WOLFSSL_API unsigned char *wolfSSL_SHA256(const unsigned char *d, size_t n, unsigned char *md); 03420 WOLFSSL_API unsigned char *wolfSSL_SHA384(const unsigned char *d, size_t n, unsigned char *md); 03421 WOLFSSL_API unsigned char *wolfSSL_SHA512(const unsigned char *d, size_t n, unsigned char *md); 03422 WOLFSSL_API int wolfSSL_X509_check_private_key(WOLFSSL_X509*, WOLFSSL_EVP_PKEY*); 03423 WOLFSSL_API WOLF_STACK_OF(WOLFSSL_X509_NAME) *wolfSSL_dup_CA_list( WOLF_STACK_OF(WOLFSSL_X509_NAME) *sk ); 03424 WOLFSSL_API int wolfSSL_X509_check_ca(WOLFSSL_X509 *x509); 03425 03426 #ifndef NO_FILESYSTEM 03427 WOLFSSL_API long wolfSSL_BIO_set_fp(WOLFSSL_BIO *bio, XFILE fp, int c); 03428 WOLFSSL_API long wolfSSL_BIO_get_fp(WOLFSSL_BIO *bio, XFILE* fp); 03429 WOLFSSL_API WOLFSSL_BIO* wolfSSL_BIO_new_fp(XFILE fp, int c); 03430 #endif 03431 03432 #endif /* OPENSSL_EXTRA || OPENSSL_ALL || HAVE_LIGHTY || WOLFSSL_MYSQL_COMPATIBLE || HAVE_STUNNEL || WOLFSSL_NGINX || WOLFSSL_HAPROXY */ 03433 03434 #endif /* OPENSSL_EXTRA || OPENSSL_ALL */ 03435 03436 03437 #if defined(OPENSSL_ALL) \ 03438 || defined(HAVE_STUNNEL) \ 03439 || defined(HAVE_LIGHTY) \ 03440 || defined(WOLFSSL_MYSQL_COMPATIBLE) \ 03441 || defined(WOLFSSL_HAPROXY) \ 03442 || defined(OPENSSL_EXTRA) 03443 03444 WOLFSSL_API WOLFSSL_BIO* wolfSSL_BIO_new_file(const char *filename, const char *mode); 03445 WOLFSSL_API long wolfSSL_CTX_set_tmp_dh(WOLFSSL_CTX*, WOLFSSL_DH*); 03446 WOLFSSL_API WOLFSSL_DH *wolfSSL_PEM_read_bio_DHparams(WOLFSSL_BIO *bp, 03447 WOLFSSL_DH **x, pem_password_cb *cb, void *u); 03448 WOLFSSL_API WOLFSSL_DSA *wolfSSL_PEM_read_bio_DSAparams(WOLFSSL_BIO *bp, 03449 WOLFSSL_DSA **x, pem_password_cb *cb, void *u); 03450 WOLFSSL_API int wolfSSL_PEM_write_bio_X509_REQ(WOLFSSL_BIO *bp,WOLFSSL_X509 *x); 03451 WOLFSSL_API int wolfSSL_PEM_write_bio_X509_AUX(WOLFSSL_BIO *bp,WOLFSSL_X509 *x); 03452 WOLFSSL_API int wolfSSL_PEM_write_bio_X509(WOLFSSL_BIO *bp, WOLFSSL_X509 *x); 03453 #endif /* HAVE_STUNNEL || HAVE_LIGHTY */ 03454 03455 #if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && defined(WOLFSSL_CERT_GEN) && \ 03456 defined(WOLFSSL_CERT_REQ) 03457 WOLFSSL_API int wolfSSL_i2d_X509_REQ(WOLFSSL_X509* req, unsigned char** out); 03458 WOLFSSL_API WOLFSSL_X509* wolfSSL_X509_REQ_new(void); 03459 WOLFSSL_API void wolfSSL_X509_REQ_free(WOLFSSL_X509* req); 03460 WOLFSSL_API int wolfSSL_X509_REQ_sign(WOLFSSL_X509 *req, WOLFSSL_EVP_PKEY *pkey, 03461 const WOLFSSL_EVP_MD *md); 03462 WOLFSSL_API int wolfSSL_X509_REQ_add_extensions(WOLFSSL_X509* req, 03463 WOLF_STACK_OF(WOLFSSL_X509_EXTENSION)* ext); 03464 WOLFSSL_API int wolfSSL_X509_REQ_set_subject_name(WOLFSSL_X509 *req, 03465 WOLFSSL_X509_NAME *name); 03466 WOLFSSL_API int wolfSSL_X509_REQ_set_pubkey(WOLFSSL_X509 *req, 03467 WOLFSSL_EVP_PKEY *pkey); 03468 #endif 03469 03470 03471 #if defined(OPENSSL_ALL) \ 03472 || defined(HAVE_STUNNEL) \ 03473 || defined(WOLFSSL_NGINX) \ 03474 || defined(WOLFSSL_HAPROXY) \ 03475 || defined(OPENSSL_EXTRA) \ 03476 || defined(HAVE_LIGHTY) 03477 03478 #include <wolfssl/openssl/crypto.h> 03479 03480 /* SNI received callback type */ 03481 typedef int (*CallbackSniRecv)(WOLFSSL *ssl, int *ret, void* exArg); 03482 03483 WOLFSSL_API int wolfSSL_CRYPTO_set_mem_ex_functions(void *(*m) (size_t, const char *, int), 03484 void *(*r) (void *, size_t, const char *, int), void (*f) (void *)); 03485 03486 WOLFSSL_API void wolfSSL_CRYPTO_cleanup_all_ex_data(void); 03487 03488 WOLFSSL_API WOLFSSL_BIGNUM* wolfSSL_DH_768_prime(WOLFSSL_BIGNUM* bn); 03489 WOLFSSL_API WOLFSSL_BIGNUM* wolfSSL_DH_1024_prime(WOLFSSL_BIGNUM* bn); 03490 WOLFSSL_API WOLFSSL_BIGNUM* wolfSSL_DH_1536_prime(WOLFSSL_BIGNUM* bn); 03491 WOLFSSL_API WOLFSSL_BIGNUM* wolfSSL_DH_2048_prime(WOLFSSL_BIGNUM* bn); 03492 WOLFSSL_API WOLFSSL_BIGNUM* wolfSSL_DH_3072_prime(WOLFSSL_BIGNUM* bn); 03493 WOLFSSL_API WOLFSSL_BIGNUM* wolfSSL_DH_4096_prime(WOLFSSL_BIGNUM* bn); 03494 WOLFSSL_API WOLFSSL_BIGNUM* wolfSSL_DH_6144_prime(WOLFSSL_BIGNUM* bn); 03495 WOLFSSL_API WOLFSSL_BIGNUM* wolfSSL_DH_8192_prime(WOLFSSL_BIGNUM* bn); 03496 03497 WOLFSSL_API WOLFSSL_DH *wolfSSL_DH_generate_parameters(int prime_len, int generator, 03498 void (*callback) (int, int, void *), void *cb_arg); 03499 03500 WOLFSSL_API int wolfSSL_DH_generate_parameters_ex(WOLFSSL_DH*, int, int, 03501 void (*callback) (int, int, void *)); 03502 03503 WOLFSSL_API void wolfSSL_ERR_load_crypto_strings(void); 03504 03505 WOLFSSL_API unsigned long wolfSSL_ERR_peek_last_error(void); 03506 03507 WOLFSSL_API int wolfSSL_FIPS_mode(void); 03508 03509 WOLFSSL_API int wolfSSL_FIPS_mode_set(int r); 03510 03511 WOLFSSL_API int wolfSSL_RAND_set_rand_method(const void *meth); 03512 03513 WOLFSSL_API int wolfSSL_CIPHER_get_bits(const WOLFSSL_CIPHER *c, int *alg_bits); 03514 03515 WOLFSSL_API WOLFSSL_STACK* wolfSSL_sk_X509_new(void); 03516 WOLFSSL_API int wolfSSL_sk_X509_num(const WOLF_STACK_OF(WOLFSSL_X509) *s); 03517 03518 WOLFSSL_API WOLFSSL_X509_INFO *wolfSSL_X509_INFO_new(void); 03519 WOLFSSL_API void wolfSSL_X509_INFO_free(WOLFSSL_X509_INFO* info); 03520 03521 WOLFSSL_API WOLFSSL_STACK* wolfSSL_sk_X509_INFO_new_null(void); 03522 WOLFSSL_API int wolfSSL_sk_X509_INFO_num(const WOLF_STACK_OF(WOLFSSL_X509_INFO)*); 03523 WOLFSSL_API WOLFSSL_X509_INFO* wolfSSL_sk_X509_INFO_value( 03524 const WOLF_STACK_OF(WOLFSSL_X509_INFO)*, int); 03525 WOLFSSL_API int wolfSSL_sk_X509_INFO_push(WOLF_STACK_OF(WOLFSSL_X509_INFO)*, 03526 WOLFSSL_X509_INFO*); 03527 WOLFSSL_API WOLFSSL_X509_INFO* wolfSSL_sk_X509_INFO_pop(WOLF_STACK_OF(WOLFSSL_X509_INFO)*); 03528 WOLFSSL_API void wolfSSL_sk_X509_INFO_pop_free(WOLF_STACK_OF(WOLFSSL_X509_INFO)*, 03529 void (*f) (WOLFSSL_X509_INFO*)); 03530 WOLFSSL_API void wolfSSL_sk_X509_INFO_free(WOLF_STACK_OF(WOLFSSL_X509_INFO)*); 03531 03532 typedef int (*wolf_sk_compare_cb)(const void* const *a, 03533 const void* const *b); 03534 WOLFSSL_API WOLF_STACK_OF(WOLFSSL_X509_NAME)* wolfSSL_sk_X509_NAME_new( 03535 wolf_sk_compare_cb); 03536 WOLFSSL_API int wolfSSL_sk_X509_NAME_push(WOLF_STACK_OF(WOLFSSL_X509_NAME)*, 03537 WOLFSSL_X509_NAME*); 03538 WOLFSSL_API int wolfSSL_sk_X509_NAME_find(const WOLF_STACK_OF(WOLFSSL_X509_NAME)*, 03539 WOLFSSL_X509_NAME*); 03540 WOLFSSL_API int wolfSSL_sk_X509_NAME_set_cmp_func( 03541 WOLF_STACK_OF(WOLFSSL_X509_NAME)*, wolf_sk_compare_cb); 03542 WOLFSSL_API WOLFSSL_X509_NAME* wolfSSL_sk_X509_NAME_value(const WOLF_STACK_OF(WOLFSSL_X509_NAME)*, int); 03543 WOLFSSL_API int wolfSSL_sk_X509_NAME_num(const WOLF_STACK_OF(WOLFSSL_X509_NAME)*); 03544 WOLFSSL_API WOLFSSL_X509_NAME* wolfSSL_sk_X509_NAME_pop(WOLF_STACK_OF(WOLFSSL_X509_NAME)*); 03545 WOLFSSL_API void wolfSSL_sk_X509_NAME_pop_free(WOLF_STACK_OF(WOLFSSL_X509_NAME)*, 03546 void (*f) (WOLFSSL_X509_NAME*)); 03547 WOLFSSL_API void wolfSSL_sk_X509_NAME_free(WOLF_STACK_OF(WOLFSSL_X509_NAME) *); 03548 03549 WOLFSSL_API int wolfSSL_sk_X509_OBJECT_num(const WOLF_STACK_OF(WOLFSSL_X509_OBJECT) *s); 03550 03551 WOLFSSL_API int wolfSSL_X509_NAME_print_ex(WOLFSSL_BIO*,WOLFSSL_X509_NAME*,int, 03552 unsigned long); 03553 03554 WOLFSSL_API WOLFSSL_ASN1_BIT_STRING* wolfSSL_ASN1_BIT_STRING_new(void); 03555 WOLFSSL_API void wolfSSL_ASN1_BIT_STRING_free(WOLFSSL_ASN1_BIT_STRING*); 03556 WOLFSSL_API WOLFSSL_ASN1_BIT_STRING* wolfSSL_X509_get0_pubkey_bitstr( 03557 const WOLFSSL_X509*); 03558 WOLFSSL_API int wolfSSL_ASN1_BIT_STRING_get_bit( 03559 const WOLFSSL_ASN1_BIT_STRING*, int); 03560 WOLFSSL_API int wolfSSL_ASN1_BIT_STRING_set_bit( 03561 WOLFSSL_ASN1_BIT_STRING*, int, int); 03562 03563 WOLFSSL_API int wolfSSL_CTX_add_session(WOLFSSL_CTX*, WOLFSSL_SESSION*); 03564 03565 WOLFSSL_API int wolfSSL_version(WOLFSSL*); 03566 03567 WOLFSSL_API int wolfSSL_get_state(const WOLFSSL*); 03568 03569 WOLFSSL_API WOLFSSL_X509* wolfSSL_sk_X509_value(WOLF_STACK_OF(WOLFSSL_X509)*, int); 03570 03571 WOLFSSL_API WOLFSSL_X509* wolfSSL_sk_X509_shift(WOLF_STACK_OF(WOLFSSL_X509)*); 03572 03573 WOLFSSL_API void* wolfSSL_sk_X509_OBJECT_value(WOLF_STACK_OF(WOLFSSL_X509_OBJECT)*, int); 03574 03575 WOLFSSL_API void* wolfSSL_SESSION_get_ex_data(const WOLFSSL_SESSION*, int); 03576 03577 WOLFSSL_API int wolfSSL_SESSION_set_ex_data(WOLFSSL_SESSION*, int, void*); 03578 03579 WOLFSSL_API int wolfSSL_SESSION_get_ex_new_index(long,void*,void*,void*, 03580 CRYPTO_free_func*); 03581 03582 WOLFSSL_API int wolfSSL_X509_NAME_get_sz(WOLFSSL_X509_NAME*); 03583 03584 03585 WOLFSSL_API const unsigned char* wolfSSL_SESSION_get_id(WOLFSSL_SESSION*, 03586 unsigned int*); 03587 03588 WOLFSSL_API int wolfSSL_SESSION_print(WOLFSSL_BIO*, const WOLFSSL_SESSION*); 03589 03590 WOLFSSL_API int wolfSSL_set_tlsext_host_name(WOLFSSL *, const char *); 03591 03592 WOLFSSL_API const char* wolfSSL_get_servername(WOLFSSL *, unsigned char); 03593 03594 WOLFSSL_API WOLFSSL_CTX* wolfSSL_set_SSL_CTX(WOLFSSL*,WOLFSSL_CTX*); 03595 03596 WOLFSSL_API VerifyCallback wolfSSL_CTX_get_verify_callback(WOLFSSL_CTX*); 03597 03598 WOLFSSL_API VerifyCallback wolfSSL_get_verify_callback(WOLFSSL*); 03599 03600 WOLFSSL_API void wolfSSL_CTX_set_servername_callback(WOLFSSL_CTX *, 03601 CallbackSniRecv); 03602 WOLFSSL_API int wolfSSL_CTX_set_tlsext_servername_callback(WOLFSSL_CTX *, 03603 CallbackSniRecv); 03604 03605 WOLFSSL_API int wolfSSL_CTX_set_servername_arg(WOLFSSL_CTX *, void*); 03606 03607 WOLFSSL_API void wolfSSL_ERR_remove_thread_state(void*); 03608 03609 /* support for deprecated old name */ 03610 #define WOLFSSL_ERR_remove_thread_state wolfSSL_ERR_remove_thread_state 03611 03612 #ifndef NO_FILESYSTEM 03613 WOLFSSL_API void wolfSSL_print_all_errors_fp(XFILE fp); 03614 #endif 03615 03616 WOLFSSL_API void wolfSSL_THREADID_set_callback(void (*threadid_func)(void*)); 03617 03618 WOLFSSL_API void wolfSSL_THREADID_set_numeric(void* id, unsigned long val); 03619 03620 WOLFSSL_API WOLF_STACK_OF(WOLFSSL_X509)* wolfSSL_X509_STORE_get1_certs( 03621 WOLFSSL_X509_STORE_CTX*, WOLFSSL_X509_NAME*); 03622 WOLFSSL_API WOLF_STACK_OF(WOLFSSL_X509_OBJECT)* 03623 wolfSSL_X509_STORE_get0_objects(WOLFSSL_X509_STORE *); 03624 WOLFSSL_API WOLFSSL_X509_OBJECT* 03625 wolfSSL_sk_X509_OBJECT_delete(WOLF_STACK_OF(WOLFSSL_X509_OBJECT)* sk, int i); 03626 WOLFSSL_API void wolfSSL_X509_OBJECT_free(WOLFSSL_X509_OBJECT *a); 03627 03628 WOLFSSL_API void wolfSSL_sk_X509_pop_free(WOLF_STACK_OF(WOLFSSL_X509)* sk, void (*f) (WOLFSSL_X509*)); 03629 #endif /* OPENSSL_ALL || HAVE_STUNNEL || WOLFSSL_NGINX || WOLFSSL_HAPROXY || HAVE_LIGHTY */ 03630 03631 #if defined(OPENSSL_EXTRA) && defined(HAVE_ECC) 03632 WOLFSSL_API int wolfSSL_CTX_set1_curves_list(WOLFSSL_CTX* ctx, const char* names); 03633 WOLFSSL_API int wolfSSL_set1_curves_list(WOLFSSL* ssl, const char* names); 03634 #endif /* OPENSSL_EXTRA && HAVE_ECC */ 03635 03636 #if defined(OPENSSL_ALL) || \ 03637 defined(HAVE_STUNNEL) || defined(WOLFSSL_MYSQL_COMPATIBLE) || \ 03638 defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) 03639 03640 WOLFSSL_API int wolfSSL_CTX_get_verify_mode(WOLFSSL_CTX* ctx); 03641 03642 #endif 03643 03644 #ifdef WOLFSSL_JNI 03645 WOLFSSL_API int wolfSSL_set_jobject(WOLFSSL* ssl, void* objPtr); 03646 WOLFSSL_API void* wolfSSL_get_jobject(WOLFSSL* ssl); 03647 #endif /* WOLFSSL_JNI */ 03648 03649 03650 #ifdef WOLFSSL_ASYNC_CRYPT 03651 WOLFSSL_API int wolfSSL_AsyncPoll(WOLFSSL* ssl, WOLF_EVENT_FLAG flags); 03652 WOLFSSL_API int wolfSSL_CTX_AsyncPoll(WOLFSSL_CTX* ctx, WOLF_EVENT** events, int maxEvents, 03653 WOLF_EVENT_FLAG flags, int* eventCount); 03654 #endif /* WOLFSSL_ASYNC_CRYPT */ 03655 03656 #ifdef OPENSSL_EXTRA 03657 typedef void (*SSL_Msg_Cb)(int write_p, int version, int content_type, 03658 const void *buf, size_t len, WOLFSSL *ssl, void *arg); 03659 03660 WOLFSSL_API int wolfSSL_CTX_set_msg_callback(WOLFSSL_CTX *ctx, SSL_Msg_Cb cb); 03661 WOLFSSL_API int wolfSSL_set_msg_callback(WOLFSSL *ssl, SSL_Msg_Cb cb); 03662 WOLFSSL_API int wolfSSL_CTX_set_msg_callback_arg(WOLFSSL_CTX *ctx, void* arg); 03663 WOLFSSL_API int wolfSSL_set_msg_callback_arg(WOLFSSL *ssl, void* arg); 03664 WOLFSSL_API unsigned long wolfSSL_ERR_peek_error_line_data(const char **file, 03665 int *line, const char **data, int *flags); 03666 WOLFSSL_API int wolfSSL_CTX_set_alpn_protos(WOLFSSL_CTX *ctx, 03667 const unsigned char *protos, unsigned int protos_len); 03668 WOLFSSL_API int wolfSSL_set_alpn_protos(WOLFSSL* ssl, 03669 const unsigned char* protos, unsigned int protos_len); 03670 WOLFSSL_API void *wolfSSL_OPENSSL_memdup(const void *data, 03671 size_t siz, const char* file, int line); 03672 WOLFSSL_API void wolfSSL_ERR_load_BIO_strings(void); 03673 #endif 03674 03675 #if defined(OPENSSL_ALL) \ 03676 || defined(WOLFSSL_NGINX) \ 03677 || defined(WOLFSSL_HAPROXY) \ 03678 || defined(OPENSSL_EXTRA) 03679 WOLFSSL_API void wolfSSL_OPENSSL_config(char *config_name); 03680 #endif 03681 03682 #if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) 03683 /* Not an OpenSSL API. */ 03684 WOLFSSL_LOCAL int wolfSSL_get_ocsp_response(WOLFSSL* ssl, byte** response); 03685 /* Not an OpenSSL API. */ 03686 WOLFSSL_LOCAL char* wolfSSL_get_ocsp_url(WOLFSSL* ssl); 03687 /* Not an OpenSSL API. */ 03688 WOLFSSL_API int wolfSSL_set_ocsp_url(WOLFSSL* ssl, char* url); 03689 #endif 03690 03691 #if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) \ 03692 || defined(OPENSSL_EXTRA) || defined(HAVE_LIGHTY) 03693 WOLFSSL_API WOLF_STACK_OF(WOLFSSL_CIPHER) *wolfSSL_get_ciphers_compat(const WOLFSSL *ssl); 03694 WOLFSSL_API int wolfSSL_X509_get_ex_new_index(int idx, void *arg, void *a, 03695 void *b, void *c); 03696 WOLFSSL_API void *wolfSSL_X509_get_ex_data(WOLFSSL_X509 *x509, int idx); 03697 WOLFSSL_API int wolfSSL_X509_set_ex_data(WOLFSSL_X509 *x509, int idx, 03698 void *data); 03699 WOLFSSL_API int wolfSSL_X509_NAME_digest(const WOLFSSL_X509_NAME *data, 03700 const WOLFSSL_EVP_MD *type, unsigned char *md, unsigned int *len); 03701 03702 WOLFSSL_API long wolfSSL_SSL_CTX_get_timeout(const WOLFSSL_CTX *ctx); 03703 WOLFSSL_API long wolfSSL_get_timeout(WOLFSSL* ssl); 03704 WOLFSSL_API int wolfSSL_SSL_CTX_set_tmp_ecdh(WOLFSSL_CTX *ctx, 03705 WOLFSSL_EC_KEY *ecdh); 03706 WOLFSSL_API int wolfSSL_SSL_CTX_remove_session(WOLFSSL_CTX *, 03707 WOLFSSL_SESSION *c); 03708 03709 WOLFSSL_API WOLFSSL_BIO *wolfSSL_SSL_get_rbio(const WOLFSSL *s); 03710 WOLFSSL_API WOLFSSL_BIO *wolfSSL_SSL_get_wbio(const WOLFSSL *s); 03711 WOLFSSL_API int wolfSSL_SSL_do_handshake(WOLFSSL *s); 03712 WOLFSSL_API int wolfSSL_SSL_in_init(WOLFSSL*); 03713 WOLFSSL_API int wolfSSL_SSL_in_connect_init(WOLFSSL*); 03714 03715 #ifndef NO_SESSION_CACHE 03716 WOLFSSL_API WOLFSSL_SESSION *wolfSSL_SSL_get0_session(const WOLFSSL *s); 03717 #endif 03718 WOLFSSL_API int wolfSSL_X509_check_host(WOLFSSL_X509 *x, const char *chk, 03719 size_t chklen, unsigned int flags, char **peername); 03720 03721 WOLFSSL_API int wolfSSL_i2a_ASN1_INTEGER(WOLFSSL_BIO *bp, 03722 const WOLFSSL_ASN1_INTEGER *a); 03723 03724 #ifdef HAVE_SESSION_TICKET 03725 WOLFSSL_API int wolfSSL_CTX_set_tlsext_ticket_key_cb(WOLFSSL_CTX *, int (*)( 03726 WOLFSSL *ssl, unsigned char *name, unsigned char *iv, 03727 WOLFSSL_EVP_CIPHER_CTX *ectx, WOLFSSL_HMAC_CTX *hctx, int enc)); 03728 #endif 03729 03730 #if defined(HAVE_OCSP) || defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL) || \ 03731 defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) 03732 WOLFSSL_API int wolfSSL_CTX_get_extra_chain_certs(WOLFSSL_CTX* ctx, 03733 WOLF_STACK_OF(X509)** chain); 03734 WOLFSSL_API int wolfSSL_CTX_set_tlsext_status_cb(WOLFSSL_CTX* ctx, 03735 int(*)(WOLFSSL*, void*)); 03736 03737 WOLFSSL_API int wolfSSL_X509_STORE_CTX_get1_issuer(WOLFSSL_X509 **issuer, 03738 WOLFSSL_X509_STORE_CTX *ctx, WOLFSSL_X509 *x); 03739 03740 WOLFSSL_API void wolfSSL_X509_email_free(WOLF_STACK_OF(WOLFSSL_STRING) *sk); 03741 WOLFSSL_API WOLF_STACK_OF(WOLFSSL_STRING) *wolfSSL_X509_get1_ocsp(WOLFSSL_X509 *x); 03742 03743 WOLFSSL_API int wolfSSL_X509_check_issued(WOLFSSL_X509 *issuer, 03744 WOLFSSL_X509 *subject); 03745 03746 WOLFSSL_API char* wolfSSL_sk_WOLFSSL_STRING_value( 03747 WOLF_STACK_OF(WOLFSSL_STRING)* strings, int idx); 03748 #endif /* HAVE_OCSP */ 03749 03750 WOLFSSL_API int PEM_write_bio_WOLFSSL_X509(WOLFSSL_BIO *bio, 03751 WOLFSSL_X509 *cert); 03752 03753 #endif /* OPENSSL_ALL || WOLFSSL_NGINX || WOLFSSL_HAPROXY || 03754 OPENSSL_EXTRA || HAVE_LIGHTY*/ 03755 03756 WOLFSSL_API void wolfSSL_get0_alpn_selected(const WOLFSSL *ssl, 03757 const unsigned char **data, unsigned int *len); 03758 WOLFSSL_API int wolfSSL_select_next_proto(unsigned char **out, 03759 unsigned char *outlen, 03760 const unsigned char *in, unsigned int inlen, 03761 const unsigned char *client, 03762 unsigned int client_len); 03763 WOLFSSL_API void wolfSSL_CTX_set_alpn_select_cb(WOLFSSL_CTX *ctx, 03764 int (*cb) (WOLFSSL *ssl, 03765 const unsigned char **out, 03766 unsigned char *outlen, 03767 const unsigned char *in, 03768 unsigned int inlen, 03769 void *arg), void *arg); 03770 WOLFSSL_API void wolfSSL_CTX_set_next_protos_advertised_cb(WOLFSSL_CTX *s, 03771 int (*cb) (WOLFSSL *ssl, 03772 const unsigned char **out, 03773 unsigned int *outlen, 03774 void *arg), void *arg); 03775 WOLFSSL_API void wolfSSL_CTX_set_next_proto_select_cb(WOLFSSL_CTX *s, 03776 int (*cb) (WOLFSSL *ssl, 03777 unsigned char **out, 03778 unsigned char *outlen, 03779 const unsigned char *in, 03780 unsigned int inlen, 03781 void *arg), void *arg); 03782 WOLFSSL_API void wolfSSL_get0_next_proto_negotiated(const WOLFSSL *s, const unsigned char **data, 03783 unsigned *len); 03784 03785 03786 #ifdef OPENSSL_EXTRA 03787 #if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) 03788 WOLFSSL_API const unsigned char *SSL_SESSION_get0_id_context( 03789 const WOLFSSL_SESSION *sess, unsigned int *sid_ctx_length); 03790 WOLFSSL_API size_t SSL_get_finished(const WOLFSSL *s, void *buf, size_t count); 03791 WOLFSSL_API size_t SSL_get_peer_finished(const WOLFSSL *s, void *buf, size_t count); 03792 #endif 03793 03794 WOLFSSL_API int SSL_SESSION_set1_id(WOLFSSL_SESSION *s, const unsigned char *sid, unsigned int sid_len); 03795 WOLFSSL_API int SSL_SESSION_set1_id_context(WOLFSSL_SESSION *s, const unsigned char *sid_ctx, unsigned int sid_ctx_len); 03796 WOLFSSL_API WOLFSSL_X509_ALGOR* wolfSSL_X509_ALGOR_new(void); 03797 WOLFSSL_API void wolfSSL_X509_ALGOR_free(WOLFSSL_X509_ALGOR *alg); 03798 WOLFSSL_API const WOLFSSL_X509_ALGOR* wolfSSL_X509_get0_tbs_sigalg(const WOLFSSL_X509 *x); 03799 WOLFSSL_API void wolfSSL_X509_ALGOR_get0(const WOLFSSL_ASN1_OBJECT **paobj, int *pptype, const void **ppval, const WOLFSSL_X509_ALGOR *algor); 03800 WOLFSSL_API int wolfSSL_X509_ALGOR_set0(WOLFSSL_X509_ALGOR *algor, WOLFSSL_ASN1_OBJECT *aobj, int ptype, void *pval); 03801 WOLFSSL_API WOLFSSL_ASN1_TYPE* wolfSSL_ASN1_TYPE_new(void); 03802 WOLFSSL_API void wolfSSL_ASN1_TYPE_free(WOLFSSL_ASN1_TYPE* at); 03803 WOLFSSL_API WOLFSSL_X509_PUBKEY *wolfSSL_X509_PUBKEY_new(void); 03804 WOLFSSL_API void wolfSSL_X509_PUBKEY_free(WOLFSSL_X509_PUBKEY *x); 03805 WOLFSSL_API WOLFSSL_X509_PUBKEY *wolfSSL_X509_get_X509_PUBKEY(const WOLFSSL_X509* x509); 03806 WOLFSSL_API int wolfSSL_X509_PUBKEY_get0_param(WOLFSSL_ASN1_OBJECT **ppkalg, const unsigned char **pk, int *ppklen, WOLFSSL_X509_ALGOR **pa, WOLFSSL_X509_PUBKEY *pub); 03807 WOLFSSL_API WOLFSSL_EVP_PKEY* wolfSSL_X509_PUBKEY_get(WOLFSSL_X509_PUBKEY* key); 03808 WOLFSSL_API int wolfSSL_X509_PUBKEY_set(WOLFSSL_X509_PUBKEY **x, WOLFSSL_EVP_PKEY *key); 03809 WOLFSSL_API int i2t_ASN1_OBJECT(char *buf, int buf_len, WOLFSSL_ASN1_OBJECT *a); 03810 WOLFSSL_API int wolfSSL_i2a_ASN1_OBJECT(WOLFSSL_BIO *bp, WOLFSSL_ASN1_OBJECT *a); 03811 WOLFSSL_API void SSL_CTX_set_tmp_dh_callback(WOLFSSL_CTX *ctx, WOLFSSL_DH *(*dh) (WOLFSSL *ssl, int is_export, int keylength)); 03812 WOLFSSL_API WOLF_STACK_OF(SSL_COMP) *SSL_COMP_get_compression_methods(void); 03813 WOLFSSL_API int wolfSSL_X509_STORE_load_locations(WOLFSSL_X509_STORE *str, const char *file, const char *dir); 03814 WOLFSSL_API int wolfSSL_X509_STORE_add_crl(WOLFSSL_X509_STORE *ctx, WOLFSSL_X509_CRL *x); 03815 WOLFSSL_API int wolfSSL_sk_SSL_CIPHER_num(const WOLF_STACK_OF(WOLFSSL_CIPHER)* p); 03816 WOLFSSL_API int wolfSSL_sk_SSL_CIPHER_find( 03817 WOLF_STACK_OF(WOLFSSL_CIPHER)* sk, const WOLFSSL_CIPHER* toFind); 03818 WOLFSSL_API WOLF_STACK_OF(WOLFSSL_CIPHER)* wolfSSL_sk_SSL_CIPHER_dup( 03819 WOLF_STACK_OF(WOLFSSL_CIPHER)* in); 03820 WOLFSSL_API void wolfSSL_sk_SSL_CIPHER_free(WOLF_STACK_OF(WOLFSSL_CIPHER)* sk); 03821 WOLFSSL_API int wolfSSL_sk_SSL_COMP_zero(WOLFSSL_STACK* st); 03822 WOLFSSL_API int wolfSSL_sk_SSL_COMP_num(WOLF_STACK_OF(WOLFSSL_COMP)* sk); 03823 WOLFSSL_API WOLFSSL_CIPHER* wolfSSL_sk_SSL_CIPHER_value(void *ciphers, int idx); 03824 WOLFSSL_API void ERR_load_SSL_strings(void); 03825 WOLFSSL_API void wolfSSL_EC_POINT_dump(const char *msg, const WOLFSSL_EC_POINT *p); 03826 03827 WOLFSSL_API const char *wolfSSL_ASN1_tag2str(int tag); 03828 WOLFSSL_API int wolfSSL_ASN1_STRING_print_ex(WOLFSSL_BIO *out, WOLFSSL_ASN1_STRING *str, unsigned long flags); 03829 WOLFSSL_API int wolfSSL_ASN1_STRING_print(WOLFSSL_BIO *out, WOLFSSL_ASN1_STRING *str); 03830 WOLFSSL_API int wolfSSL_ASN1_TIME_get_length(WOLFSSL_ASN1_TIME *t); 03831 WOLFSSL_API unsigned char* wolfSSL_ASN1_TIME_get_data(WOLFSSL_ASN1_TIME *t); 03832 WOLFSSL_API WOLFSSL_ASN1_TIME *wolfSSL_ASN1_TIME_to_generalizedtime(WOLFSSL_ASN1_TIME *t, 03833 WOLFSSL_ASN1_TIME **out); 03834 WOLFSSL_API int wolfSSL_i2c_ASN1_INTEGER(WOLFSSL_ASN1_INTEGER *a, unsigned char **pp); 03835 WOLFSSL_API int wolfSSL_X509_CA_num(WOLFSSL_X509_STORE *store); 03836 WOLFSSL_API long wolfSSL_X509_get_version(const WOLFSSL_X509 *x); 03837 WOLFSSL_API int wolfSSL_X509_get_signature_nid(const WOLFSSL_X509* x); 03838 03839 WOLFSSL_API int wolfSSL_PEM_write_bio_PKCS8PrivateKey(WOLFSSL_BIO* bio, 03840 WOLFSSL_EVP_PKEY* pkey, const WOLFSSL_EVP_CIPHER* enc, char* passwd, 03841 int passwdSz, pem_password_cb* cb, void* ctx); 03842 WOLFSSL_API WOLFSSL_EVP_PKEY* wolfSSL_d2i_PKCS8PrivateKey_bio(WOLFSSL_BIO* bio, 03843 WOLFSSL_EVP_PKEY** pkey, pem_password_cb* cb, void* u); 03844 WOLFSSL_API WOLFSSL_EVP_PKEY* wolfSSL_d2i_AutoPrivateKey( 03845 WOLFSSL_EVP_PKEY** pkey, const unsigned char** data, long length); 03846 WOLFSSL_API unsigned long wolfSSL_X509_subject_name_hash(const WOLFSSL_X509* x509); 03847 03848 03849 #endif /* OPENSSL_EXTRA */ 03850 03851 #ifdef HAVE_PK_CALLBACKS 03852 WOLFSSL_API int wolfSSL_IsPrivatePkSet(WOLFSSL* ssl); 03853 WOLFSSL_API int wolfSSL_CTX_IsPrivatePkSet(WOLFSSL_CTX* ctx); 03854 #endif 03855 03856 #ifdef HAVE_ENCRYPT_THEN_MAC 03857 WOLFSSL_API int wolfSSL_CTX_AllowEncryptThenMac(WOLFSSL_CTX *, int); 03858 WOLFSSL_API int wolfSSL_AllowEncryptThenMac(WOLFSSL *s, int); 03859 #endif 03860 03861 #ifdef __cplusplus 03862 } /* extern "C" */ 03863 #endif 03864 03865 03866 #endif /* WOLFSSL_SSL_H */ 03867
Generated on Tue Jul 12 2022 20:59:06 by
1.7.2